Unauthenticated Arbitrary Cookie Generation in AWCM 2.2

Unauthenticated Arbitrary Cookie Generation in AWCM 2.2

CVE-2012-2437 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

cookie_gen.php in ar web content manager (AWCM) 2.2 does not require authentication, which allows remote attackers to generate arbitrary cookies via the name parameter in conjunction with the content parameter.

Learn more about our Web App Pen Testing.