1. CVE-Search
  2. CVE-2007-3120
ID CVE-2007-3120
Summary Cross-site scripting (XSS) vulnerability in public/code/cp_dpage.php in All In One Control Panel (AIOCP) before 1.3.017 allows remote attackers to inject arbitrary web script or HTML via the aiocp_dp parameter. NOTE: some of these details are obtained from third party information.
References
Vulnerable Configurations
  • cpe:2.3:a:aiocp:aiocp:1.3.000:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.000:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.001:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.001:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.002:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.002:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.003:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.003:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.004:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.004:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.005:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.005:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.006:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.006:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.007:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.007:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.008:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.008:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.009:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.009:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.010:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.010:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.011:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.011:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.012:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.012:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.013:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.013:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.014:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.014:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.015:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.015:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.016:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.016:*:*:*:*:*:*:*
  • cpe:2.3:a:aiocp:aiocp:1.3.017:*:*:*:*:*:*:*
    cpe:2.3:a:aiocp:aiocp:1.3.017:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 29-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 24357
confirm http://sourceforge.net/project/shownotes.php?release_id=514035
osvdb 35533
secunia 25584
vupen ADV-2007-2097
xf aiocp-cpdpage-xss(34762)
Last major update 29-07-2017 - 01:31
Published 07-06-2007 - 21:30
Last modified 29-07-2017 - 01:31
Back to Top