Vulnerabilities > CVE-2007-2624 - Cross-Site Scripting vulnerability in All In One Control Panel CP_Config.PHP
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
aiocp
Summary
Dynamic variable evaluation vulnerability in shared/config/cp_config.php in All In One Control Panel (AIOCP) before 1.3.016 allows remote attackers to conduct cross-site scripting (XSS) and possibly other attacks via the SERVER superglobal array. NOTE: some of these details are obtained from third party information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |