By utilizing the JSON web services exposed in Liferay Portal version 6.1, you can register a new user with any role in the system, including the built-in administrator role. Proof of concept included.
Hotel Booking Portal version 0.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
ESCON SupportPortal Pro version 3.0 suffers from a stored cross site scripting vulnerability.
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote Snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
Tekno.Portal version 0.1b suffers from a remote blind SQL injection vulnerability in link.php. This version was already known to have issues with SQL injection since 2010.
ocPortal CMS versions 7.1.5 and below are vulnerable to open URL redirection.
Red Hat Security Advisory 2012-1109-01 - JBoss Application Server is the base package for JBoss Enterprise Portal Platform, providing the core server components. The Java Naming and Directory Interface Java API allows Java software clients to locate objects or services in an application server. It was found that the JBoss JNDI service allowed unauthenticated, remote write access by default. The JNDI and HA-JNDI services, and the HAJNDIFactory invoker servlet were all affected. A remote attacker able to access the JNDI service, HA-JNDI service, or the HAJNDIFactory invoker servlet on a JBoss server could use this flaw to add, delete, and modify items in the JNDI tree. This could have various, application-specific impacts.
Secunia Security Advisory - A vulnerability has been reported in Oracle Portal, which can be exploited by malicious people to manipulate certain data.
Netsweeper Internet Filter suffers from cross site scripting and cross site request forgery vulnerabilities in the WebAdmin portal.
Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Portal, which can be exploited by malicious people to disclose potentially sensitive information.
Secunia Security Advisory - Vulnerability Laboratory Research has reported multiple vulnerabilities in Jobs Portal, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote Snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
Jobs Portal version 3.0 suffers from remote SQL injection and cross site scripting vulnerabilities.
This Metasploit module exploits a remote code execution vulnerability in the tsgetx71ex553.dll ActiveX control installed with Tom Sawyer GET Extension Factory, due to an incorrect initialization under Internet Explorer. While the Tom Sawyer GET Extension Factory is installed with some versions of VMware Infrastructure Client, this module has been tested only with the versions installed with Embarcadero Technologies ER/Studio XE2 / Embarcadero Studio Portal 1.6. The ActiveX control tested is tsgetx71ex553.dll, version 5.5.3.238. This Metasploit module achieves DEP and ASLR bypass using the well-known msvcr71.dll ROP chain. The DLL is installed by default with the Embarcadero software and loaded by the targeted ActiveX control.
Secunia Security Advisory - Multiple vulnerabilities have been reported in Liferay Portal, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
Secunia Security Advisory - Two vulnerabilities have been reported in Liferay Portal, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to compromise a vulnerable system.
Liferay Portal suffers from a privilege escalation issue due to an insufficient permissions check in the updateOrganizations method of UserService.
Uiga Personal Portal suffers from a remote SQL injection vulnerability in index2.php.
FlirtPortal Script suffers from cross site scripting and remote SQL injection vulnerabilities.
Secunia Security Advisory - the_storm has reported a vulnerability in Car Portal CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Car Portal CMS version 3.0 suffers from cross site request forgery, cross site scripting, and shell upload vulnerabilities.
Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Portal Platform. This fixes a security issue and two vulnerabilities, which can be exploited by malicious people to manipulate certain data and disclose potentially sensitive information.
Red Hat Security Advisory 2012-0519-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. This release of JBoss Enterprise Portal Platform 5.2.1 serves as a replacement for JBoss Enterprise Portal Platform 5.2.0, and includes bug fixes.
Secunia Security Advisory - Jelmer Kuperus has discovered a vulnerability in Liferay Portal, which can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Enterprise Portal, which can be exploited by malicious users to manipulate certain data.
By creating a specially crafted WebDAV request that contains an external entity, it is possible to read files from Liferay Portal version 6.0.5 CE. Proof of concept code included.