Vulnerability Description
SQL injection vulnerability in shared/code/cp_functions_downloads.php in Nicola Asuni All In One Control Panel (AIOCP) before 1.3.009 allows remote attackers to execute arbitrary SQL commands via the download_category parameter.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nicola Asuni | All In One Control Panel | 1.3.000 |
References
- http://osvdb.org/31641
- http://secunia.com/advisories/23726PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=477845Patch
- http://www.securityfocus.com/bid/22019
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31591
- http://osvdb.org/31641
- http://secunia.com/advisories/23726PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=477845Patch
- http://www.securityfocus.com/bid/22019
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31591
FAQ
What is CVE-2007-0223?
CVE-2007-0223 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in shared/code/cp_functions_downloads.php in Nicola Asuni All In One Control Panel (AIOCP) before 1.3.009 allows remote attackers to execute arbitrary SQL commands via the ...
How severe is CVE-2007-0223?
CVE-2007-0223 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0223?
Check the references section above for vendor advisories and patch information. Affected products include: Nicola Asuni All In One Control Panel.