2 matches found
CVE-2009-3218
SQL injection vulnerability in control/login.php in AR Web Content Manager AWCM 2.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...
CVE-2009-3218
Summary: CVE-2009-3218 describes an SQL injection in AR Web Content Manager (AWCM) 2.1, exploitable when magic_quotes_gpc is disabled, via the username parameter in control/login.php. Affected software: AR Web Content Manager (AWCM) 2.1. The vulnerability originates from improper handling of user...