Home / exploits AdaptCMS 3.0.1 Cross Site Scripting
Posted on 12 October 2013
AdaptCMS 3.0.1 Cross Site Scripting Vulnerability Author : syst3m_f4ult Homepage : http://www.adaptcms.com/ Vendor : Adapt CMS Version : 3.0.1 (probably all versions) Tested on : ubuntu 12.04 Date : 2013-10-11 ----------------------------------------------------------------------- I. POC & Exploit ----------------------------------------------------------------------- The following page is vulnerable to XSS (Method: POST): http://localhost/search <http://localhost/login/> [data[Search][q] parameter] Insert the following code inside the search box and hit Enter <script>alert('syst3m_f4ult')</script> Demo: http://www.solitudeisbliss.com/search/ http://www.insanevisions.com/search/
