AdaptCMS 3.0.3 Remote Command Execution

AdaptCMS version 3.0.3 suffers from an authenticated arbitrary command execution vulnerability. The issue is caused due to the improper verification of uploaded files. This can be exploited to execute arbitrary PHP code by creating or uploading a malicious PHP script file that will be stored in ‘appwebrootuploads’ directory.

Leave a Reply