LifeRay CMS (Fckeditor) Arbitrary File Upload Vulnerability

2020.04.10
Author: h4shur (FR)
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-434

[+] Title: LifeRay CMS (Fckeditor) Arbitrary File Upload Vulnerability
[+] Date: 2020/04/10
[+] Author: h4shur
[+] Team: Persian Security Group
[+] Vendor Homepage: www.liferay.com
[+] Software Link: www.liferay.com
[+] Tested on: Windows 10
[+] Category : Web Application Bugs
[+] Dork : inurl:/web/guest/ inurl:/html/js/editor/fckeditor/

### Notes:
LifeRay allows an attacker to upload or transfer files of dangerous types, which can then be automatically processed within the product's environment. Uploaded files of this kind represent a significant risk to the application.

### POC:
[+] http://site/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html

### Demo:
[+] http://asd-ssg.org/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://www.ap239.org/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://franchise.hrblock.com.au/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://www.eof.gr/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
[+] http://securefile.co/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html

### Special Thanks:
* Po0ri4 & b4ckdo0r

### Contact Me :
* Telegram : @h4shur
* Email : h4shursec@gmail.com
* Instagram : @netedit0r
* Twitter : @h4shur
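A defender-side triage for the path named in the POC, added here as an example that is not part of the advisory: it walks constructed Apache/nginx combined-format access-log lines and flags every request that touches the FCKeditor file manager component (the `browser/default/` path from the POC as well as the `browser/liferay/` and `connectors/` paths mentioned in the comments), rating a 2xx answer as high because it shows the component is actually reachable. The log lines and client addresses are constructed sample data; the only page-derived specific is the component path.

```python
import re

# Constructed sample lines in Apache/nginx "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Apr/2020:09:39:01 +0100] "GET /web/guest/home HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Apr/2020:09:39:12 +0100] "GET /html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Apr/2020:09:39:40 +0100] "POST /html/js/editor/fckeditor/editor/filemanager/connectors/uploadtest.html HTTP/1.1" 200 318 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Apr/2020:09:41:03 +0100] "GET /html/js/editor/fckeditor/editor/filemanager/browser/liferay/browser.html?x=1 HTTP/1.1" 404 210 "-" "curl/7.64.1"
"""

# Minimal parser for the combined log format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Path prefix of the FCKeditor file manager that the advisory identifies as exposed.
FCK_FILEMANAGER = "/html/js/editor/fckeditor/editor/filemanager/"


def flag_fckeditor_requests(lines):
    """Return one finding per request whose path lies under the FCKeditor file manager.

    severity is 'high' when the server answered 2xx (the component is reachable)
    and 'info' otherwise, so a 404 still surfaces as reconnaissance against the path.
    """
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                                  # skip lines that are not access-log records
        path = m.group("path").split("?", 1)[0]       # drop the query string before matching
        if not path.startswith(FCK_FILEMANAGER):
            continue
        status = int(m.group("status"))
        findings.append({
            "ip": m.group("ip"),
            "method": m.group("method"),
            "path": path[len(FCK_FILEMANAGER):],       # component-relative path, e.g. browser/default/browser.html
            "status": status,
            "severity": "high" if 200 <= status < 300 else "info",
        })
    return findings


if __name__ == "__main__":
    for f in flag_fckeditor_requests(SAMPLE_LOG.splitlines()):
        print(f"{f['severity']:<4} {f['ip']:<14} {f['method']:<4} {f['path']} -> {f['status']}")
```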


Emanuell David | Date: 2020-04-10 09:39 CET+1
Why do you share this exploit twice? Please search before you publish yours. This exploit has been shared many times. Your publishing date is 10/04/2020. Please search CXSecurity and other exploit sites before you publish yours, @h4shur. This exploit had been discovered by another hacker on the Internet. Why do you copy-paste it and change it with your text? Here are the proofs:
=> Liferay Portal File Upload Vulnerability (FCKEditor), Published: 08-06-2015, http://www.exploit4arab.org/exploits/1536
=> Liferay FCKeditor Configuration Arbitrary File Upload Vulnerability (2018 May 7), https://tools.cisco.com/security/center/viewAlert.x?alertId=578154
=> LifeRay (Fckeditor) Arbitrary File Upload Vulnerability (2018.05.06), https://cxsecurity.com/issue/WLB-2018050029
=> LifeRay - Arbitrary file upload (9 May 2018), https://www.youtube.com/watch?v=U4vmWVLV_Cw
=> http://www.security-db.com/Liferay.html (2018-05-07)
=> LifeRay (Fckeditor) Arbitrary File Upload Vulnerability (674 hits since 2018-05-06), https://www.phpsecure.info/go/163102.html
Dear friend @h4shur, please search for exploits on the Internet before you publish, understand? Admin, please ban this user (h4shur) for 30 days. Have a nice day.
John sundy | Date: 2020-04-18 08:18 CET+1
Goooooooood, thank you. ♡
h4shur | Date: 2020-04-18 08:45 CET+1
Hello dear admin. As my good friend Emanuell David said, h4shur hasn't searched for resources before; that is completely wrong. h4shur searched all sources, and there were the following exploits for liferay cms:
site.com/html/js/editor/fckeditor/editor/filemanager/connectors/uploadtest.html
site.com/html/js/editor/fckeditor/editor/filemanager/connectors/test.html
http://site/html/js/editor/fckeditor/editor/filemanager/browser/liferay/browser.html
But h4shur has discovered the following exploit for liferay:
http://site/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html
With a little care, it can be seen that this exploit did not exist before. The exploit below
http://site/html/js/editor/fckeditor/editor/filemanager/browser/liferay/browser.html
is very similar to the exploit found by h4shur (http://site/html/js/editor/fckeditor/editor/filemanager/browser/default/browser.html), but this exploit exists in another folder (liferay) and the exploit found by h4shur is in another folder (default). Please ban my dear friend Emanuell David for 30 days.
No1vs2 | Date: 2020-06-04 08:30 CET+1
Help me pls. I can't upload files to sites. I received this message: "Upload a new file in this folder (Upload in progress, please wait...)"

Copyright 2025, cxsecurity.com
