CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Adapt CMS version 3.0.3 suffers from a persistent cross site scripting vulnerability via file upload. Exploit Title: Stored XSS via File Upload - adaptcmsv3.0.3 Date: 06/2025 Exploit Author: Andrey Stoykov Version: 3.0.3 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/ Stored XSS via...

6.6AI score

Exploits0

Packet Storm•added 2025/06/03 12:0 a.m.•147 views

📄 Adapt CMS 3.0.3 Remote Shell Upload

Adapt CMS version 3.0.3 suffers from a remote shell upload vulnerability. Exploit Title: Authenticated File Upload to RCE - adaptcmsv3.0.3 Date: 06/2025 Exploit Author: Andrey Stoykov Version: 3.0.3 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/ Authenticated File Upload to RCE 1:...

7.5AI score

Exploits0

RedhatCVE•added 2025/05/22 4:27 a.m.•2 views

CVE-2011-3698

AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/pollvote.php and certain other files...

5CVSS6.5AI score0.00283EPSS

Exploits1References1

0day.today•added 2024/02/15 12:0 a.m.•441 views

Adapt CMS 3.0.3 Cross Site Scripting / Shell Upload Vulnerabilities

Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3 Exploit Author: Andrey Stoykov Version: 3.0.3 Tested on: Ubuntu 22.04 Blog: http://msecureltd.blogspot.com Description - It was found that adaptcms v3.0.3 was vulnerable to stored cross site scripting - Also the application allowed the file uploa...

7.4AI score

Exploits0

Packet Storm•added 2024/02/14 12:0 a.m.•390 views

Adapt CMS 3.0.3 Cross Site Scripting / Shell Upload

Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3 Date: 02/2024 Exploit Author: Andrey Stoykov Version: 3.0.3 Tested on: Ubuntu 22.04 Blog: http://msecureltd.blogspot.com Description - It was found that adaptcms v3.0.3 was vulnerable to stored cross site scripting - Also the application allowed...

7.4AI score

Exploits0

Github Security Blog•added 2022/05/02 12:10 a.m.•5 views

AdaptCMS SQL Injection vulnerability

SQL injection vulnerability in the "Check User" feature includes/checkuser.php in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter...

7.5CVSS9AI score0.0138EPSS

Exploits0References6Affected Software1

OSV•added 2022/05/02 12:10 a.m.•5 views

GHSA-QRW3-MQ8R-CQ7Q AdaptCMS SQL Injection vulnerability

9.3CVSS8.3AI score0.0138EPSS

Exploits0References6

GitLab Advisory Database•added 2022/05/02 12:0 a.m.•5 views

AdaptCMS SQL Injection vulnerability

7.5CVSS8.7AI score0.0138EPSS

Exploits0References6Affected Software1

Packet Storm•added 2015/05/07 12:0 a.m.•17 views

AdaptCMS 3.0 Cross Site Scripting

Affected software: adaptcms Type of vulnerability:xss URL:adaptcms.com Discovered by: provensec Website: provensec.com version: AdaptCMS 3.0 Proof of concept goto site/category/ add new category with xss payload " open category and javascript will execute...

0.2AI score

Exploits0

NVD•added 2015/01/16 3:59 p.m.•11 views

CVE-2015-1060

Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header...

5.8CVSS6.6AI score0.09115EPSS

Exploits2References5

NVD•added 2015/01/16 3:59 p.m.•22 views

CVE-2015-1059

Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in /app/webroot/uploads...

6.5CVSS7.2AI score0.04493EPSS

Exploits2References5

NVD•added 2015/01/16 3:59 p.m.•12 views

CVE-2015-1058

Multiple cross-site scripting XSS vulnerabilities in AdaptCMS 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 dataCategorytitle parameter to admin/categories/add, 2 dataFieldtitle parameter to admin/fields/ajaxfields/, 3 name property in a basicInfo JSON object to...

4.3CVSS5.8AI score0.14042EPSS

Exploits2References9

Prion•added 2015/01/16 3:59 p.m.•18 views

Cross site scripting

4.3CVSS6AI score0.14042EPSS

Exploits2References9Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by