PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classified_path parameter.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Vivvo_article_management_cms | Spoonlabs | * | 3.25 (including) |
| Vivvo_article_management_cms | Spoonlabs | 3.2 (including) | 3.2 (including) |