cve/CVE-2019-14254.md at 594c8e952101730b1f9f9e6ac2afce8de85a4446

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

An issue was discovered in the secure portal in Publisure 2.1.2. Because SQL queries are not well sanitized, there are multiple SQL injections in userAccFunctions.php functions. Using this, an attacker can access passwords and/or grant access to the user account "user" in order to become "Administrator" (for example).

POC

Reference

https://github.com/kmkz/exploit/blob/master/PUBLISURE-EXPLOIT-CHAIN-ADVISORY.txt

Github

No PoCs found on GitHub currently.

833 B Raw Blame History

CVE-2019-14254

Description

POC

Reference

Github

833 B

Raw Blame History