CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vivvo: Security Vulnerabilities

CVE-2009-3787

files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct directory traversal attacks and read arbitrary files via the file parameter with "logs/" in between two . (dot) characters, which is filtered into a "../" sequence.

CVSS Score

5.0

EPSS Score

0.035

Published

2009-10-26

CVE-2008-6801

Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before 4.0.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVSS Score

4.4

EPSS Score

0.001

Published

2009-05-07

CVE-2009-0466

Cross-site scripting (XSS) vulnerability in Vivvo CMS before 4.1.1 allows remote attackers to inject arbitrary web script or HTML via a URI that triggers a 404 Page Not Found response.

CVSS Score

4.3

EPSS Score

0.003

Published

2009-02-10

Page 1

Vulnerabilities

Vulnerable Software

Vivvo: Security Vulnerabilities

Products

Pricing

Contact Us