Lucene search
PRIOn knowledge basePRION:CVE-2010-5327HistoryJan 13, 2017 - 7:59 p.m.
Design/Logic Flaw
2017-01-1319:59:00
PRIOn knowledge base
www.prio-n.com
1
Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template.
| CPE | Name | Operator | Version |
|---|---|---|---|
| liferay_portal | le | 6.2.10 |
References
dev.liferay.com/web/community-security-team/known-vulnerabilities
dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asset_publisher/4AHAYapUm8Xc/content/lps-64547-remote-code-execution-and-privilege-escalation-in-templates
github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77704769f91
issues.liferay.com/browse/LPE-14964
issues.liferay.com/browse/LPS-64547
issues.liferay.com/browse/LPS-7087
Related
veracode
veracode
Remote Code Execution (RCE)
2020-06-01 02:43:02
github
github
Shell command injection in Liferay Portal
2022-05-17 03:05:00
cve
cve
CVE-2010-5327
2017-01-13 19:59:00
osv
osv
Shell command injection in Liferay Portal
2022-05-17 03:05:00
cvelist
cvelist
CVE-2010-5327
2017-01-13 19:00:00
nvd
nvd
CVE-2010-5327
2017-01-13 19:59:00