A vulnerability was found in Publisure 2.1.2. It has been rated as critical. Affected by this issue is an unknown part of the file adminCons.php of the component Secure Portal. The manipulation as part of a PHP File leads to a unrestricted upload vulnerability. Using CWE to declare the problem leads to CWE-434. The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. Impacted is confidentiality, integrity, and availability. CVE summarizes:

An issue was discovered in the secure portal in Publisure 2.1.2. Once successfully authenticated as an administrator, one is able to inject arbitrary PHP code by using the adminCons.php form. The code is then stored in the E:\PUBLISURE\webservice\webpages\AdminDir\Templates\ folder even if removed from the adminCons.php view (i.e., the rogue PHP file can be hidden).

The weakness was released 09/18/2019. This vulnerability is handled as CVE-2019-14252 since 07/24/2019. The attack may be launched remotely. A simple authentication is necessary for exploitation. There are known technical details, but no exploit is available. The MITRE ATT&CK project declares the attack technique as T1608.002.

By approaching the search of inurl:adminCons.php it is possible to find vulnerable targets with Google Hacking.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Entries connected to this vulnerability are available at VDB-141958 and VDB-141957. If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Name

• Publisure

Version

• 2.1.2

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion