Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aiocp aiocp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4747
PHP remote file inclusion vulnerability in public/code/cp_html2xhtmlbasic.php in All In One Control Panel (AIOCP) 1.4.001 allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter, a different vector than CVE-2009-3220.
Tecnick Aiocp 1.4.001
1 EDB exploit
NA
CVE-2009-3220
PHP remote file inclusion vulnerability in cp_html2txt.php in All In One Control Panel (AIOCP) 1.4.001 allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter.
Tecnick Aiocp 1.4.001
1 EDB exploit
NA
CVE-2008-4782
SQL injection vulnerability in public/code/cp_polls_results.php in All In One Control Panel (AIOCP) 1.4 allows remote malicious users to execute arbitrary SQL commands via the poll_id parameter.
Aiocp Aiocp 1.4.001
Aiocp Aiocp 1.4.000
2 EDB exploits
NA
CVE-2007-3120
Cross-site scripting (XSS) vulnerability in public/code/cp_dpage.php in All In One Control Panel (AIOCP) prior to 1.3.017 allows remote malicious users to inject arbitrary web script or HTML via the aiocp_dp parameter. NOTE: some of these details are obtained from third party inf...
Aiocp Aiocp 1.3.003
Aiocp Aiocp 1.3.004
Aiocp Aiocp 1.3.011
Aiocp Aiocp 1.3.012
Aiocp Aiocp 1.3.013
Aiocp Aiocp 1.3.001
Aiocp Aiocp 1.3.002
Aiocp Aiocp 1.3.009
Aiocp Aiocp 1.3.010
Aiocp Aiocp 1.3.005
Aiocp Aiocp 1.3.006
Aiocp Aiocp 1.3.014
Aiocp Aiocp 1.3.015
Aiocp Aiocp 1.3.000
Aiocp Aiocp 1.3.007
Aiocp Aiocp 1.3.008
Aiocp Aiocp 1.3.016
Aiocp Aiocp 1.3.017
NA
CVE-2007-2624
Dynamic variable evaluation vulnerability in shared/config/cp_config.php in All In One Control Panel (AIOCP) prior to 1.3.016 allows remote malicious users to conduct cross-site scripting (XSS) and possibly other attacks via the SERVER superglobal array. NOTE: some of these detai...
Aiocp Aiocp
NA
CVE-2007-2625
Cross-site scripting (XSS) vulnerability in shared/code/cp_authorization.php in All In One Control Panel (AIOCP) prior to 1.3.016 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters. NOTE: some of these details are obtained from third p...
Aiocp Aiocp
NA
CVE-2007-0365
Multiple cross-site scripting (XSS) vulnerabilities in All In One Control Panel (AIOCP) 1.3.009 and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably a different vulnerability than CVE-2006-5830.
Nicola Asuni All In One Control Panel 1.3.000
Nicola Asuni All In One Control Panel 1.3.007
Nicola Asuni All In One Control Panel 1.3.008
Nicola Asuni All In One Control Panel 1.3.003
Nicola Asuni All In One Control Panel 1.3.004
Nicola Asuni All In One Control Panel 1.3.005
Nicola Asuni All In One Control Panel 1.3.006
Nicola Asuni All In One Control Panel 1.3.001
Nicola Asuni All In One Control Panel 1.3.002
Nicola Asuni All In One Control Panel
NA
CVE-2007-0316
Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.010 and previous versions, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) xuser_name parameter to shared/code/cp_authorization.php, and th...
All In One Control Panel All In One Control Panel
1 EDB exploit
NA
CVE-2007-0223
SQL injection vulnerability in shared/code/cp_functions_downloads.php in Nicola Asuni All In One Control Panel (AIOCP) prior to 1.3.009 allows remote malicious users to execute arbitrary SQL commands via the download_category parameter.
Nicola Asuni All In One Control Panel 1.3.000
Nicola Asuni All In One Control Panel 1.3.001
Nicola Asuni All In One Control Panel 1.3.002
Nicola Asuni All In One Control Panel 1.3.003
Nicola Asuni All In One Control Panel 1.3.004
Nicola Asuni All In One Control Panel 1.3.005
Nicola Asuni All In One Control Panel 1.3.006
Nicola Asuni All In One Control Panel 1.3.007
Nicola Asuni All In One Control Panel 1.3.008
NA
CVE-2006-5832
All In One Control Panel (AIOCP) 1.3.007 and previous versions allows remote malicious users to obtain the full path of the web server via certain requests to (1) public/code/cp_dpage.php, possibly involving the aiocp_dp[] parameter, (2) public/code/cp_show_ec_products.php, possi...
Aiocp Aiocp 1.3.006
Aiocp Aiocp 1.3.007
Aiocp Aiocp 1.3.002
Aiocp Aiocp 1.3.000
Aiocp Aiocp 1.3.001
Aiocp Aiocp 1.3.003
Aiocp Aiocp 1.3.004
Aiocp Aiocp 1.3.005
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »