Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2012-3373 | CWE-434 | $1500 | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | High | Remote | 2018-05-06 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.02192 | 0.50148 |
[+] Title: LifeRay (Fckeditor) Arbitrary File Upload Vulnerability [+] Date: 2018/05/05 [+] Author: Mostafa Gharzi [+] Team: Maher - CertCC.ir [+] Vendor Homepage: www.liferay.com [+] Tested on: Windows 10 & Kali Linux [+] Versions: 6.2.X and Before [+] Vulnerable Parameter: Get Method [+] Vulnerable File: /browser/liferay/browser.html?Type= [+} Dork : inurl:/web/guest/ inurl:/html/js/editor/fckeditor/ ### Notes: LifeRay 6.2.X and Before allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. Uploaded files represent a significant risk to applications. The first step in many attacks is to get some code to the system to be attacked. Then the attack only needs to find a way to get the code executed. Using a file upload helps the attacker accomplish the first step.The consequences of unrestricted file upload can vary, including complete system takeover, an overloaded file system or database, forwarding attacks to back-end systems, client-side attacks, or simple defacement. It depends on what the application does with the uploaded file and especially where it is stored. ### POC: [+] http://site/html/js/editor/fckeditor/editor/filemanager/browser/liferay/browser.html ### Credit: [+] CertCC.ir
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.