Lucene search
MitreVULNRICHMENT:CVE-2021-33990HistoryApr 16, 2023 - 12:00 a.m.
CVE-2021-33990
2023-04-1600:00:00
mitre
github.com
5
liferay portal 6.2.5
command fileupload
security vulnerability
AI Score
6.8
Confidence
Low
EPSS
0.066
Percentile
93.8%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. NOTE: The vendor disputes this issue because the exploit reference link only shows frmfolders.html is accessible and does not demonstrate how an unauthorized user can upload a file.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:liferay:portal:6.2.5:*:*:*:*:*:*:*"
],
"vendor": "liferay",
"product": "portal",
"versions": [
{
"status": "affected",
"version": "6.2.5"
}
],
"defaultStatus": "unknown"
}
]Related
cve
cve
CVE-2021-33990
2023-04-16 04:15:07
cvelist
cvelist
CVE-2021-33990
2023-04-16 00:00:00
zdt
zdt
Liferay Portal 6.2.5 - Insecure Permissions Exploit
2023-04-05 00:00:00
packetstorm
packetstorm
Liferay Portal 6.2.5 Insecure Permissions
2023-04-05 00:00:00
prion
prion
Design/Logic Flaw
2023-04-16 04:15:00
nvd
nvd
CVE-2021-33990
2023-04-16 04:15:07
exploitdb
exploitdb
Liferay Portal 6.2.5 - Insecure Permissions
2023-04-05 00:00:00
openvas
openvas
Directory Scanner
2005-11-03 00:00:00
AI Score
6.8
Confidence
Low
EPSS
0.066
Percentile
93.8%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Related for VULNRICHMENT:CVE-2021-33990