MTCMS multiple upload vulnerabilities

2007-02-27T00:00:00
ID SECURITYVULNS:DOC:16194
Type securityvulns
Reporter Securityvulns
Modified 2007-02-27T00:00:00

Description

avatar upload vulnerability: upload any kind of file in: site.com/MTCMS-V2.2/?a=gallery&b=add_down and approuved or not it will be here : /uploads/pictures/ same thing for : add link /index.php?a=links&b=add_link

xss permanent on Contact Us : message & title fields are vulnerable to an xss attack. this kind of xss are pretty dangerous, because you send the malicious message to an admin. so you can get his cookie.

regards laurent gaffie