All In One Control Panel : Security Vulnerabilities, CVEs, CVSS score >= 2
Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.010 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) xuser_name parameter to shared/code/cp_authorization.php, and the (2) did parameter to public/code/cp_downloads.php, different vectors than CVE-2007-0223.
Max CVSS
7.5
EPSS Score
1.77%
Published
2007-01-18
Updated
2017-07-29
1 vulnerabilities found