CVE-2012-2438

Name of the Vulnerable Software and Affected Versions ar web content manager (AWCM) version 2.2

Description The issue allows remote attackers to cause a denial of service due to disk consumption. This can be achieved by submitting a large number of comment records through HTTP requests to specific API endpoints, such as "show video.php" or "topic.php", using the coment parameter.

Recommendations For version 2.2, consider restricting the number of comment records that can be submitted through HTTP requests to prevent disk consumption. As a temporary workaround, restrict access to the "show video.php" and "topic.php" endpoints to minimize the risk of exploitation. Avoid using the coment parameter in these affected endpoints until the issue is resolved.