Liferay XSL - Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'activesupport/json'...

Liferay Portal < 6.0.6 Multiple Vulnerabilities

According to its self-reported version number, the installation of Liferay Portal hosted on the remote web server is affected by multiple vulnerabilities : - An arbitrary file download vulnerability exists when Apache Tomcat is used, which allows remote, authenticated users to download arbitrary...

Liferay XSL Command Execution

Exploit for windows platform in category remote exploits $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2011-1571

Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition CE 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors...

CVE-2011-1571

Summary: CVE-2011-1571 affects the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA when used with Apache Tomcat . The vulnerability is described as an unspecified vulnerability that allows remote attackers to execute arbitrary commands via unknown vectors....