{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T11:17:28.136","vulnerabilities":[{"cve":{"id":"CVE-2011-1668","sourceIdentifier":"cve@mitre.org","published":"2011-04-10T02:51:20.087","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in search.php in AR Web Content Manager (AWCM) 2.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the search parameter."},{"lang":"es","value":"Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en search.php en AR Web Content Manager (AWCM) v2.1, v2.2, y posiblemente otras versiones permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro search."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:awcm-cms:ar_web_content_manager:2.1:*:*:*:*:*:*:*","matchCriteriaId":"7F973228-062F-4015-8F76-2926F51CA9D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:awcm-cms:ar_web_content_manager:2.2:*:*:*:*:*:*:*","matchCriteriaId":"DBC1DF46-22B3-4924-A1C4-D95F9524A16C"}]}]}],"references":[{"url":"http://secpod.org/advisories/SECPOD_AWCM_XSS.txt","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://securityreason.com/securityalert/8193","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/517294/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/47126","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66536","source":"cve@mitre.org"},{"url":"http://secpod.org/advisories/SECPOD_AWCM_XSS.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://securityreason.com/securityalert/8193","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/517294/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/47126","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66536","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}