Main Vulnerability Database Exploits ID:3836 - Exploit for Input validation error in AdaptCMS - CVE-2015-1060

ID:3836 - Exploit for Input validation error in AdaptCMS - CVE-2015-1060

Published: August 9, 2020

Vulnerability identifier: #VU40945

Vulnerability risk: Medium

CVE-ID: CVE-2015-1060

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
AdaptCMS

Link to public exploit:

https://www.exploit-db.com/exploits/35710/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header. <a href="http://cwe.mitre.org/data/definitions/601.html">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>

Remediation

Install update from vendor's website.

ID:3836 - Exploit for Input validation error in AdaptCMS - CVE-2015-1060

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human