Read Time:23 Second
Posted by Andrey Stoykov on Feb 13
# Exploit Title: Stored XSS and RCE – adaptcmsv3.0.3
# Date: 02/2024
# Exploit Author: Andrey Stoykov
# Version: 3.0.3
# Tested on: Ubuntu 22.04
# Blog: http://msecureltd.blogspot.com
*Description*
– It was found that adaptcms v3.0.3 was vulnerable to stored cross
site scripting
– Also the application allowed the file upload functionality to upload
PHP files which resulted in remote code execution
*Stored XSS*
*Steps to Reproduce:*
1….