Full title: GetSimple CMS 3.2.1 Arbitrary File Upload / Cross Site Scripting 
Category: web applications
Platform: php
GetSimpleCMS version 3.2.1 suffers from a persistent cross site scripting vulnerability and remote arbitrary file upload vulnerability due to not using whitelisting.

# 0day.today @ http://0day.today/