Quantcast
Channel: MondoUnix » LIFERAY
Browsing latest articles
Browse All 7 View Live

Liferay XSL Command Execution

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing...

View Article



Liferay 6.0.x Webdav File Reading Vulnerability

Specially crafted webdav request allows reading of local files on liferay 6.0.x Description: Liferay Portal is an enterprise portal written in Java By creating a specially crafted webdav request that...

View Article

Liferay Portal 6.1 – 6.0.x Privilege Escalation

Liferay users can assign themselves to organizations, leading to possible privilege escalation   Description:   Liferay Portal is an enterprise portal written in Java   Due to insufficient permission...

View Article

Liferay multiple xss vulnerability

Multiple xss issues in Liferay   Description:   Liferay Portal is an enterprise portal written in Java   Multiple xss vulnerabilities where found in liferay. Because liferay has a "remember me" option...

View Article

Liferay JSON Server API Authentication

=============================================   - Release date: August 3rd, 2012   - Discovered by: Danilo Massa & Enrico Cinquini   - Severity: High...

View Article


XSS vulnerability in swfupload in TinyMCE, SPIP, Radiant CMS, AionWeb,...

I will draw your attention to XSS vulnerability in other web applications with swfupload. Earlier I've wrote about swfupload in AionWeb, Magento, Liferay Portal, SurgeMail, symfony and that this hole...

View Article

XSS vulnerability in web applications with swfupload: AionWeb, Magento,...

This is update to my advisory XSS vulnerability in web applications with swfupload: AionWeb, Magento, Liferay Portal, SurgeMail, symfony (http://securityvulns.ru/docs28761.html).   After my...

View Article
Browsing latest articles
Browse All 7 View Live




Latest Images