ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service (disk consumption) via the coment parameter to (1) show_video.php or (2) topic.php.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ar_web_content_manager | Awcm-cms | 2.2 (including) | 2.2 (including) |