Ar Web Content Manager
Monthly
ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service (disk. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
cookie_gen.php in ar web content manager (AWCM) 2.2 does not require authentication, which allows remote attackers to generate arbitrary cookies via the name parameter in conjunction with the content. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service (disk. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
cookie_gen.php in ar web content manager (AWCM) 2.2 does not require authentication, which allows remote attackers to generate arbitrary cookies via the name parameter in conjunction with the content. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.