Vulnerability Database

290,278

Total vulnerabilities in the database

CVE-2007-3120

Cross-site scripting (XSS) vulnerability in public/code/cp_dpage.php in All In One Control Panel (AIOCP) before 1.3.017 allows remote attackers to inject arbitrary web script or HTML via the aiocp_dp parameter. NOTE: some of these details are obtained from third party information.

  • Published: Jun 7, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-3120
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
aiocp / aiocp 1.3.005 1.3.005.x
aiocp / aiocp 1.3.015 1.3.015.x
aiocp / aiocp 1.3.010 1.3.010.x
aiocp / aiocp 1.3.013 1.3.013.x
aiocp / aiocp 1.3.012 1.3.012.x
aiocp / aiocp 1.3.009 1.3.009.x
aiocp / aiocp 1.3.003 1.3.003.x
aiocp / aiocp 1.3.006 1.3.006.x
aiocp / aiocp 1.3.000 1.3.000.x
aiocp / aiocp 1.3.008 1.3.008.x
aiocp / aiocp 1.3.016 1.3.016.x
aiocp / aiocp 1.3.002 1.3.002.x
aiocp / aiocp 1.3.011 1.3.011.x
aiocp / aiocp 1.3.001 1.3.001.x
aiocp / aiocp 1.3.004 1.3.004.x
aiocp / aiocp 1.3.017 1.3.017.x
aiocp / aiocp 1.3.007 1.3.007.x
aiocp / aiocp 1.3.014 1.3.014.x