CVE-2012-2438 Information

Description

ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests which allows remote attackers to cause a denial of service (disk consumption) via the coment parameter to (1) show_video.php or (2) topic.php.

Reference

http://archives.neohapsis.com/archives/bugtraq/2012-11/0039.html http://packetstormsecurity.org/files/117975/AWCM-2.2-Access-Bypass.html https://exchange.xforce.ibmcloud.com/vulnerabilities/79927