2 matches found
Sql injection
Multiple SQL injection vulnerabilities in All In One Control Panel AIOCP 1.3.010 and earlier, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 xusername parameter to shared/code/cpauthorization.php, and the 2 did parameter to...
aiocp-bypass.txt
i Product Name: AIOCP - All In One Control Panel i Vulnerable Versions: = 1.3.009 i Bug found by: Coloss i Contact: [email protected] i Date: 9.1.2007 i Spec: AIOCP doesn't check the username posted by the client before using this to check authentication, so SQL Injection is possible Example show...