VYPR
Vendor

AR Web Content Manager

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2010-4810Jul 8, 2011
    risk 0.03cvss epss 0.02

    Multiple PHP remote file inclusion vulnerabilities in AR Web Content Manager (AWCM) 2.1 final allow remote attackers to execute arbitrary PHP code via a URL in the theme_file parameter to (1) includes/window_top.php and (2) header.php, and the (3) lang_file parameter to…

  • CVE-2010-1066Mar 23, 2010
    risk 0.03cvss epss 0.02

    AR Web Content Manager (AWCM) 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for control/db_backup.php.

  • CVE-2009-3218Sep 16, 2009
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.

  • CVE-2012-2438Nov 26, 2012
    risk 0.00cvss epss 0.02

    ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service (disk consumption) via the coment parameter to (1) show_video.php or (2) topic.php.