PHP Remote File Inclusion Vulnerability in All In One Control Panel by AIOCP
CVE-2009-3220

Currently unrated

Key Information:

Vendor: Tecnick
Status: Aiocp
Vendor: CVE Published:; 16 September 2009

What is CVE-2009-3220?

A remote file inclusion vulnerability exists in the cp_html2txt.php file of All In One Control Panel version 1.4.001. This flaw enables remote attackers to execute arbitrary PHP code by supplying a malicious URL in the page parameter, potentially compromising the security of the server and giving unauthorized access to sensitive data.

References

http://www.securityfocus.com/archive/1/505250/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/35811

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Sep 16, 2009
Vulnerability Reserved
Sep 16, 2009

Tecnick

What is CVE-2009-3220?

References

Timeline