CVE-2012-2437 in ar web content managerinfo

Summary

cookie_gen.php in ar web content manager (AWCM) 2.2 does not require authentication, which allows remote attackers to generate arbitrary cookies via the name parameter in conjunction with the content parameter.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

04/27/2012

Disclosure

11/26/2012

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-287

Exploit

Download

CVSS

5.3

EPSS

0.07250

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-2437
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2437
CVE Details	https://www.cvedetails.com/cve/CVE-2012-2437/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!