Full title: Glossword 1.8.12 XSS / CSRF / Shell Upload / Database Disclosure 
Category: web applications
Platform: php
Glossword version 1.8.12 suffers from database backup disclosure, cross site request forgery, cross site scripting, and remote shell upload vulnerabilities.

# 0day.today @ http://0day.today/