10 matches found
EUVD-2022-7438
Malicious code in bioql PyPI...
CVE-2020-28885
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An administrator user can inject commands through the Gogo Shell module to execute any OS command on the Liferay Portal Sever. NOTE: The developer disputes this as a vulnerability since it is a feature for...
CVE-2020-28884
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An administrator user can inject Groovy script to execute any OS command on the Liferay Portal Sever. NOTE: The developer disputes this as a vulnerability since it is a feature for administrators to run groo...
CVE-2020-28885
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An administrator user can inject commands through the Gogo Shell module to execute any OS command on the Liferay Portal Sever. NOTE: The developer disputes this as a vulnerability since it is a feature for...
CVE-2020-28885
CVE-2020-28885 affects Liferay Portal Server 7.3.5 GA6 and 7.2.0 GA1. An administrator can inject OS commands via the Gogo Shell module, enabling execution of arbitrary OS commands on the server. Documented impact includes high confidentiality, integrity, and availability risk. Some sources note ...
PT-2022-8910 · Liferay · Liferay Portal Server
Name of the Vulnerable Software and Affected Versions: Liferay Portal Server versions 7.2.0 GA1 through 7.3.5 GA6 Description: The issue allows an administrator user to inject commands through the Gogo Shell module, enabling the execution of any OS command on the Liferay Portal Server. This is...
CVE-2020-28884
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An administrator user can inject Groovy script to execute any OS command on the Liferay Portal Sever. NOTE: The developer disputes this as a vulnerability since it is a feature for administrators to run groo...
CVE-2020-28884
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An administrator user can inject Groovy script to execute any OS command on the Liferay Portal Sever. NOTE: The developer disputes this as a vulnerability since it is a feature for administrators to run groo...
PT-2022-8909 · Liferay · Liferay Portal Server
Name of the Vulnerable Software and Affected Versions: Liferay Portal Server versions 7.2.0 GA1 through 7.3.5 GA6 Description: The issue allows an administrator user to inject Groovy script, enabling the execution of any OS command on the Liferay Portal Server. This is disputed by the developer a...
CVE-2020-28884
Liferay Portal Server versions 7.3.5 GA6 and 7.2.0 GA1 are affected by an OS command injection via Groovy Script execution. The underlying issue allows an administrator to inject Groovy scripts to run arbitrary OS commands on the Liferay Portal Server, requiring administrator privileges (PR:H) an...