CVE-2007-3120

Cross-site scripting (XSS) vulnerability in public/code/cp_dpage.php in All In One Control Panel (AIOCP) before 1.3.017 allows remote attackers to inject arbitrary web script or HTML via the aiocp_dp parameter. NOTE: some of these details are obtained from third party information.

Affected Software

Name	Vendor	Start Version	End Version
Aiocp	Aiocp	1.3.000 (including)	1.3.000 (including)
Aiocp	Aiocp	1.3.001 (including)	1.3.001 (including)
Aiocp	Aiocp	1.3.002 (including)	1.3.002 (including)
Aiocp	Aiocp	1.3.003 (including)	1.3.003 (including)
Aiocp	Aiocp	1.3.004 (including)	1.3.004 (including)
Aiocp	Aiocp	1.3.005 (including)	1.3.005 (including)
Aiocp	Aiocp	1.3.006 (including)	1.3.006 (including)
Aiocp	Aiocp	1.3.007 (including)	1.3.007 (including)
Aiocp	Aiocp	1.3.008 (including)	1.3.008 (including)
Aiocp	Aiocp	1.3.009 (including)	1.3.009 (including)
Aiocp	Aiocp	1.3.010 (including)	1.3.010 (including)
Aiocp	Aiocp	1.3.011 (including)	1.3.011 (including)
Aiocp	Aiocp	1.3.012 (including)	1.3.012 (including)
Aiocp	Aiocp	1.3.013 (including)	1.3.013 (including)
Aiocp	Aiocp	1.3.014 (including)	1.3.014 (including)
Aiocp	Aiocp	1.3.015 (including)	1.3.015 (including)
Aiocp	Aiocp	1.3.016 (including)	1.3.016 (including)
Aiocp	Aiocp	1.3.017 (including)	1.3.017 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3120
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References