• info
• discussion
• exploit
• solution
• references

TML CMS Multiple Input Validation Vulnerabilities

No exploit is required.

Proof of concept URI are available:

http://www.example.com/[ztml]/index.php?type=tpl&form=<h1> x1ng <h1/>

http://www.example.com/[ztml]/index.php?doc=unote&id=[sql]