Acidcat CMS Multiple Input Validation Vulnerabilities

Acidcat CMS Multiple Input Validation Vulnerabilities

Acidcat CMS is prone to multiple input-validation vulnerabilities, including:

- Multiple SQL-injection vulnerabilities.
- Multiple open-email-relay vulnerabilities.
- A cross-site scripting vulnerability.
- An arbitrary-file-upload vulnerability.

Exploiting these issues could allow attackers to compromise the affected application, access or modify data, exploit latent vulnerabilities in the underlying database, execute arbitrary code, steal cookie-based authentication credentials, and send unsolicited spam.

Acidcat CMS 3.1 is vulnerable; other versions may also be affected.