TomatoCMS SQL Injection Vulnerability and Multiple HTML Injection Vulnerabilities

TomatoCMS SQL Injection Vulnerability and Multiple HTML Injection Vulnerabilities

Attackers can exploit these issues via a browser.

The following example URI is available:

http://www.example.com/news/search?q=sdf%22+ANY_SQL_HERE