Full title: Bolt CMS 3.7.0 XSS / CSRF / Shell Upload Vulnerabilities 
Category: web applications
Platform: php
Bolt CMS versions 3.7.0 and below suffer from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities that when combined can achieve remote code execution in one click.

# 0day.today @ http://0day.today/