RSS   Vulnerabilities for 'All in one control panel'   RSS

2007-01-17
 
CVE-2007-0316

 

 
Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.010 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) xuser_name parameter to shared/code/cp_authorization.php, and the (2) did parameter to public/code/cp_downloads.php, different vectors than CVE-2007-0223.

 


Copyright 2020, cxsecurity.com

 

Back to Top