Summary
AWCM CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer other
attacks are also possible.
AWCM 2.1 and 2.2 are vulnerable
other versions may also be affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-4810 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- 3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
- Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
- Astium VoIP PBX SQL Injection Vulnerability
- appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities
- AWCM CMS Multiple Remote File Include Vulnerabilities