CVE-2010-4810

Multiple PHP remote file inclusion vulnerabilities in AR Web Content Manager (AWCM) 2.1 final allow remote attackers to execute arbitrary PHP code via a URL in the theme_file parameter to (1) includes/window_top.php and (2) header.php, and the (3) lang_file parameter to control/common.php.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:awcm-cms:ar_web_content_manager:2.1:final:*:*:*:*:*:*

Information

Published : 2011-07-08 15:55

Updated : 2017-08-28 18:29


NVD link : CVE-2010-4810

Mitre link : CVE-2010-4810


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

awcm-cms

  • ar_web_content_manager