exploitDog

CVE-2019-14253

Опубликовано: 18 сент. 2019

Источник: nvd

CVSS3: 6.5

CVSS2: 6.4

EPSS Низкий

Описание

An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2. One can bypass authentication and perform a query on PHP forms within the /AdminDir folder that should be restricted.

Ссылки

https://github.com/kmkz/exploit/blob/master/PUBLISURE-EXPLOIT-CHAIN-ADVISORY.txt
Exploit
Third Party Advisory
https://github.com/kmkz/exploit/blob/master/PUBLISURE-EXPLOIT-CHAIN-ADVISORY.txt
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:publisure:publisure:2.1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.00207

Низкий

6.5 Medium

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-306

Связанные уязвимости

GHSA-vv56-qq2g-qg77

github

больше 3 лет назад

An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2. One can bypass authentication and perform a query on PHP forms within the /AdminDir folder that should be restricted.

EPSS

Процентиль: 43%

0.00207

Низкий

6.5 Medium

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-306