Awcm-cms : Security Vulnerabilities, CVEs, Published In 2011 (File inclusion)
Multiple PHP remote file inclusion vulnerabilities in AR Web Content Manager (AWCM) 2.1 final allow remote attackers to execute arbitrary PHP code via a URL in the theme_file parameter to (1) includes/window_top.php and (2) header.php, and the (3) lang_file parameter to control/common.php.
Max CVSS
7.5
EPSS Score
1.18%
Published
2011-07-08
Updated
2017-08-29
1 vulnerabilities found