Zenario CMS version 7.0.2d suffers from cross site scripting and open redirection vulnerabilities.