e107 CMS 3.2.1 Arbitrary File Upload / Cross Site Scripting

e107 CMS version 3.2.1 suffers from cross site scripting and arbitrary file upload vulnerabilities that can allow for a shell upload.

Continue reading...