An issue exists in servletcontroller in the secure portal in Publisure 2.1.2. One can bypass authentication and perform a query on PHP forms within the /AdminDir folder that should be restricted.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
publisure publisure 2.1.2 |