Lucene search

[email protected]CVE-2007-0574

HistoryJan 30, 2007 - 5:28 p.m.

CVE-2007-0574

2007-01-3017:28:00

[email protected]

web.nvd.nist.gov

cve-2007-0574

sql injection

rss

show_webfeed.php

spoonlabs

vivvo article management cms

phpwordpress

remote attackers

nvd

vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.2%

JSON

SQL injection vulnerability in rss/show_webfeed.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.40 allows remote attackers to execute arbitrary SQL commands via the wcHeadlines parameter, a different vector than CVE-2006-4715. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

spoonlabsvivvo_article_management_cmsMatch3.40

CPENameOperatorVersion
spoonlabs:vivvo_article_management_cmsspoonlabs vivvo article management cmseq3.40

CPE	Name	Operator	Version
spoonlabs:vivvo_article_management_cms	spoonlabs vivvo article management cms	eq	3.40

References

osvdb.org/36631

www.securityfocus.com/bid/22282

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.2%

JSON

Related for CVE-2007-0574

prion1 cvelist2 nvd2 patchstack1 cve1 securityvulns1