Lucene search

HistoryFeb 27, 2007 - 12:00 a.m.

MTCMS multiple upload vulnerabilities


avatar upload vulnerability:
upload any kind of file in:
and approuved or not it will be here :
same thing for : add link

xss permanent on Contact Us :
message & title fields are vulnerable to an xss attack.
this kind of xss are pretty dangerous, because you send the malicious message to an admin.
so you can get his cookie.

regards laurent gaffie

Use Vulners API to create your own security tool

API usage cases
  • Network scanning
  • Linux Patch management
  • Threat protection
  • No network audit solution

Ways of integration

Integrate Vulners API