Bourbon Jean-marie

4 exploits, active since Sep 2019
CVE-2019-14251 HIGH WRITEUP
Temenos Channels R15.01 - Path Traversal
An issue was discovered in T24 in TEMENOS Channels R15.01. The login page presents JavaScript functions to access a document on the server once successfully authenticated. However, an attacker can leverage downloadDocServer() to traverse the file system and access files or directories that are outside of the restricted directory because WealthT24/GetImage is used with the docDownloadPath and uploadLocation parameters.
CVSS 7.5
CVE-2019-14252 HIGH WRITEUP
Publisure 2.1.2 - Code Injection
An issue was discovered in the secure portal in Publisure 2.1.2. Once successfully authenticated as an administrator, one is able to inject arbitrary PHP code by using the adminCons.php form. The code is then stored in the E:\PUBLISURE\webservice\webpages\AdminDir\Templates\ folder even if removed from the adminCons.php view (i.e., the rogue PHP file can be hidden).
CVSS 7.2
CVE-2019-14253 MEDIUM WRITEUP
Publisure 2.1.2 - Auth Bypass
An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2. One can bypass authentication and perform a query on PHP forms within the /AdminDir folder that should be restricted.
CVSS 6.5
CVE-2019-14254 CRITICAL WRITEUP
Publisure 2.1.2 - SQL Injection
An issue was discovered in the secure portal in Publisure 2.1.2. Because SQL queries are not properly sanitized, there are multiple SQL injections in userAccFunctions.php functions. Using these, an attacker can access passwords and/or, for example, grant access to the user account "user" in order to become "Administrator".
CVSS 9.8