| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-5830 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in All In One Control Panel (AIOCP) 1.3.007 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topid, (2) forid, and (3) catid parameters to code/cp_forum_view.php
|
17-10-2018 - 21:45 | 10-11-2006 - 01:07 | |
| CVE-2006-5832 | 5.0 |
All In One Control Panel (AIOCP) 1.3.007 and earlier allows remote attackers to obtain the full path of the web server via certain requests to (1) public/code/cp_dpage.php, possibly involving the aiocp_dp[] parameter, (2) public/code/cp_show_ec_produ
|
17-10-2018 - 21:45 | 10-11-2006 - 01:07 | |
| CVE-2006-5829 | 6.8 |
Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.007 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) choosed_language parameter to (a) cp_dpage.php, (b) cp_news.php, (c) cp_forum_view.php
|
17-10-2018 - 21:45 | 10-11-2006 - 01:07 | |
| CVE-2006-5831 | 7.5 |
PHP remote file inclusion vulnerability in admin/code/index.php in All In One Control Panel (AIOCP) 1.3.007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the load_page parameter.
|
17-10-2018 - 21:45 | 10-11-2006 - 01:07 |