Vulnerabilities > CVE-2015-1060 - Unspecified vulnerability in Insanevisions Adaptcms 3.0.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN insanevisions
exploit available
Summary
Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | AdaptCMS 3.0.3 - Multiple Vulnerabilities. CVE-2015-1059. Webapps exploit for php platform |
| file | exploits/php/webapps/35710.py |
| id | EDB-ID:35710 |
| last seen | 2016-02-04 |
| modified | 2015-01-06 |
| platform | php |
| port | 80 |
| published | 2015-01-06 |
| reporter | LiquidWorm |
| source | https://www.exploit-db.com/download/35710/ |
| title | AdaptCMS 3.0.3 - Multiple Vulnerabilities |
| type | webapps |
References
- http://osvdb.org/show/osvdb/116721
- http://osvdb.org/show/osvdb/116721
- http://packetstormsecurity.com/files/129813/AdaptCMS-3.0.3-HTTP-Referer-Header-Open-Redirect.html
- http://packetstormsecurity.com/files/129813/AdaptCMS-3.0.3-HTTP-Referer-Header-Open-Redirect.html
- http://www.exploit-db.com/exploits/35710
- http://www.exploit-db.com/exploits/35710
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5219.php
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5219.php
- https://exchange.xforce.ibmcloud.com/vulnerabilities/99618
- https://exchange.xforce.ibmcloud.com/vulnerabilities/99618