3 matches found
CVE-2012-2438
AWCM 2.2 is vulnerable to an access-control flaw that lets unauthenticated attackers insert millions of comment records through the HTTP parameter com ent to show_video.php or topic.php, leading to disk consumption DoS. Root cause is lack of access protection for comment insertion. PoC examples e...
Vulnerability Report on AWCM 2.2
Vulnerability Report AWCM 2.2 CVE-Candidate-ID: CVE-2012-2437, CVE-2012-2438 Issue: Access Control Bug in AWCM 2.2, Anyone can build the cookie and inserts DB records. Author: Sooel Son sonpostman at gmail dot com Source Code: http://sourceforge.net/projects/awcm/ 1. Details: CVE-2012-2437 Withou...
AWCM 2.2 Access Bypass Vulnerability
AWCM version 2.2 appears to suffer from cookie forgery and direct access vulnerabilities. Vulnerability Report AWCM 2.2 CVE-Candidate-ID: CVE-2012-2437, CVE-2012-2438 Issue: Access Control Bug in AWCM 2.2, Anyone can build the cookie and inserts DB records. Author: Sooel Son sonpostman at gmail d...