CVE-2007-3220
35Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 63%
exploitation probability
63%top 1% of all CVEs
observed exploitation
nono source reports it
1 public exploit(s)
PHP remote file inclusion vulnerability in admin/editor2/spaw_control.class.php in the Cjay Content 3 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this may be a duplicate of CVE-2006-4656.
Affected products
n/a · n/apublic PoCs found — 1
cve_referencewww.exploit-db.com/exploits/4070unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.