Intrusion Prevention

SpoonLabs.Vivvo.Article.Management.PdfVersion.PHP.SQL.Injection

Description

A SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected Products

SpoonLabs Vivvo Article Management 3.2

Impact

Execute arbitrary SQL commands.

Recommended Actions

Apply patch :
http://www.vivvo.net/forums/showthread.php?t=310

CVE References

CVE-2006-4715