Nicola Asuni » All In One Control Panel : Security Vulnerabilities, CVEs,
Multiple cross-site scripting (XSS) vulnerabilities in All In One Control Panel (AIOCP) 1.3.009 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably a different vulnerability than CVE-2006-5830.
Max CVSS
6.8
EPSS Score
1.14%
Published
2007-01-19
Updated
2017-07-29
SQL injection vulnerability in shared/code/cp_functions_downloads.php in Nicola Asuni All In One Control Panel (AIOCP) before 1.3.009 allows remote attackers to execute arbitrary SQL commands via the download_category parameter.
Max CVSS
7.5
EPSS Score
0.65%
Published
2007-01-13
Updated
2017-07-29
2 vulnerabilities found