Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action.
CVSS Score
7.5
EPSS Score
0.006
Published
2007-02-27