[email protected]CVE-2007-0365

HistoryJan 19, 2007 - 7:28 p.m.

CVE-2007-0365

2007-01-1919:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0365

cross-site scripting

xss

aiocp

security vulnerability

5.8 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in All In One Control Panel (AIOCP) 1.3.009 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably a different vulnerability than CVE-2006-5830.

CPENameOperatorVersion
nicola_asuni:all_in_one_control_panelnicola asuni all in one control panelle1.3.009
nicola_asuni:all_in_one_control_panelnicola asuni all in one control paneleq1.3.005
nicola_asuni:all_in_one_control_panelnicola asuni all in one control paneleq1.3.007
nicola_asuni:all_in_one_control_panelnicola asuni all in one control paneleq1.3.002
nicola_asuni:all_in_one_control_panelnicola asuni all in one control paneleq1.3.008
nicola_asuni:all_in_one_control_panelnicola asuni all in one control paneleq1.3.000
nicola_asuni:all_in_one_control_panelnicola asuni all in one control paneleq1.3.003
nicola_asuni:all_in_one_control_panelnicola asuni all in one control paneleq1.3.006
nicola_asuni:all_in_one_control_panelnicola asuni all in one control paneleq1.3.001
nicola_asuni:all_in_one_control_panelnicola asuni all in one control paneleq1.3.004

CPE	Name	Operator	Version
nicola_asuni:all_in_one_control_panel	nicola asuni all in one control panel	le	1.3.009
nicola_asuni:all_in_one_control_panel	nicola asuni all in one control panel	eq	1.3.005
nicola_asuni:all_in_one_control_panel	nicola asuni all in one control panel	eq	1.3.007
nicola_asuni:all_in_one_control_panel	nicola asuni all in one control panel	eq	1.3.002
nicola_asuni:all_in_one_control_panel	nicola asuni all in one control panel	eq	1.3.008
nicola_asuni:all_in_one_control_panel	nicola asuni all in one control panel	eq	1.3.000
nicola_asuni:all_in_one_control_panel	nicola asuni all in one control panel	eq	1.3.003
nicola_asuni:all_in_one_control_panel	nicola asuni all in one control panel	eq	1.3.006
nicola_asuni:all_in_one_control_panel	nicola asuni all in one control panel	eq	1.3.001
nicola_asuni:all_in_one_control_panel	nicola asuni all in one control panel	eq	1.3.004

References

osvdb.org/32808

secunia.com/advisories/23732

sourceforge.net/project/shownotes.php?release_id=478370

www.vupen.com/english/advisories/2007/0189

exchange.xforce.ibmcloud.com/vulnerabilities/31486

5.8 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.5%

JSON

Related for CVE-2007-0365

prion1 securityvulns1 cve1