CVE-2019-12102

CRITICAL

Kentico Xperience 11.0.0-12.0 - Unauthenticated Arbitrary File Upload and Exposure via Media Library Live Selector

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2019-12102. PoCs published by Egi08, Gr4y21.

AI-analyzed exploit summary The repository contains a Python-based scanner for CVE-2019-12102, which targets an unauthenticated file upload/exposure vulnerability in Kentico CMS versions 11 to 12. The tool checks for the presence of a vulnerable endpoint and verifies the response to determine potential or confirmed vulnerability status.

Description

Kentico 11 through 12 lets attackers upload and explore files without authentication via the cmsmodules/medialibrary/formcontrols/liveselectors/insertimageormedia/tabs_media.aspx URI. NOTE: The vendor disputes the report because the researcher did not configure the media library permissions correctly. The vendor states that by default all users can read/modify/upload files, and it’s up to the administrator to decide who should have access to the media library and set the permissions accordingly. See the vendor documentation in the references for more information

Exploits (2)

nomisec SCANNER

by Egi08 · poc

https://github.com/Egi08/CVE-2019-12102-Scanner

View Code ZIP pw:eip

The repository contains a Python-based scanner for CVE-2019-12102, which targets an unauthenticated file upload/exposure vulnerability in Kentico CMS versions 11 to 12. The tool checks for the presence of a vulnerable endpoint and verifies the response to determine potential or confirmed vulnerability status.

Classification

Scanner 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Kentico CMS versions 11 to 12

No auth needed

Prerequisites: List of target domains

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

github NO CODE

by Gr4y21 · poc

https://github.com/Gr4y21/My-CVE-IDs/tree/master/CVE-2019-12102

View Code ZIP pw:eip

References (4)

Core 4

Core References

Release Notes, Vendor Advisory x_refsource_misc

https://docs.kentico.com/k12/release-notes-kentico-12

Vendor Advisory x_refsource_misc

https://devnet.kentico.com/download/hotfixes

Broken Link x_refsource_misc

https://github.com/Gr4y21/My-CVE-IDs/blob/master/Kentico%20CMS%20Unauthenticated%20File%20Upload%20and%20File%20Exposure

Various Sources x_refsource_misc

https://docs.kentico.com/k12/configuring-kentico/configuring-the-environment-for-content-editors/configuring-media-libraries/assigning-permissions-to-media-libraries

Scores

CVSS v3 9.1

EPSS 0.0216

EPSS Percentile 79.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-732

Status published

Products (1)

kentico/xperience 11.0.0 - 12.0

Published May 22, 2019

Tracked Since Feb 18, 2026