Lucene search
+L

7 matches found

vulnersOsv
vulnersOsv
added 2023/04/16 2:2 p.m.5 views

au.com.permeance:liferay-clojure-integration (=0.1), br.com.thiagomoreira.liferay.plugins.bootstrap-jumbotron-app:bootstrap-jumbotron-app (>=1.0.0 <=1.0.1) +101 more potentially affected by CVE-2021-33990 via com.liferay.portal:portal-service (>=6.0.2 <=6.2.4)

com.liferay.portal:portal-service MAVEN version =6.0.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.0 - br.com.thiagomoreira.liferay.plugins.lorem-ipsum-button-app:hooks =1.0.0 - br.com.thiagomoreira.liferay.plugins.lorem-ipsum-button-app:lorem-ipsum-button-app =1.0.0 -...

9.8CVSS7.2AI score0.11915EPSS
Exploits4
NVD
NVD
added 2023/04/16 4:15 a.m.98 views

CVE-2021-33990

Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. NOTE: The vendor disputes this issue because the exploit reference link only shows frmfolders.html is accessible and does not demonstrate how an unauthorized user can upload a file...

9.8CVSS9.5AI score0.11915EPSS
Exploits4References2
OSV
OSV
added 2023/04/16 4:15 a.m.8 views

CVE-2021-33990

Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. NOTE: The vendor disputes this issue because the exploit reference link only shows frmfolders.html is accessible and does not demonstrate how an unauthorized user can upload a file...

9.8CVSS6.7AI score
Exploits0References2
CVE
CVE
added 2023/04/16 12:0 a.m.599 views

CVE-2021-33990

Liferay Portal 6.2.5 is reported vulnerable to an insecure permissions issue that allows a Command=FileUpload&Type=File&CurrentFolder=/ request when frmfolders.html exists. The CVE-2021-33990 entries (NVD/Red Hat/CVE List) describe this as an improper privilege/permission scenario, with high risk...

9.8CVSS9.3AI score0.11915EPSS
Exploits4References2Affected Software1
Packet Storm
Packet Storm
added 2023/04/05 12:0 a.m.284 views

Liferay Portal 6.2.5 Insecure Permissions

Exploit Title: Liferay Portal 6.2.5 - Insecure Permissions Google Dork: -inurl:/html/js/editor/ckeditor/editor/filemanager/browser/ Date: 2021/05 Exploit Author: fu2x2000 Version: Liferay Portal 6.2.5 or later CVE : CVE-2021-33990 import requests import json print " Search this on Google Dork for...

9.4AI score0.11915EPSS
Exploits4
0day.today
0day.today
added 2023/04/05 12:0 a.m.238 views

Liferay Portal 6.2.5 - Insecure Permissions Exploit

Exploit Title: Liferay Portal 6.2.5 - Insecure Permissions Google Dork: -inurl:/html/js/editor/ckeditor/editor/filemanager/browser/ Exploit Author: fu2x2000 Version: Liferay Portal 6.2.5 or later CVE : CVE-2021-33990 import requests import json print " Search this on Google Dork for liferay...

9.8CVSS9.2AI score0.11915EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/04/05 12:0 a.m.213 views

Liferay Portal 6.2.5 - Insecure Permissions

Exploit Title: Liferay Portal 6.2.5 - Insecure Permissions Google Dork: -inurl:/html/js/editor/ckeditor/editor/filemanager/browser/ Date: 2021/05 Exploit Author: fu2x2000 Version: Liferay Portal 6.2.5 or later CVE : CVE-2021-33990 import requests import json print " Search this on Google Dork for...

9.8CVSS9.8AI score0.11915EPSS
Exploits4
Rows per page
Query Builder