Liferay 6.1 Name / Email Address Disclosure

Diskutiere Liferay 6.1 Name / Email Address Disclosure im Security News Forum im Bereich Security Talk; Liferay version 6.1 suffers from a vulnerability where it is possible to retrieve the names and email addresses of all users. Proof of concept...

  1. #1 newsbot, 16.05.2012
    newsbot

    newsbot Foren Gott

    Dabei seit:
    26.11.2007
    Beiträge:
    9.920
    Zustimmungen:
    1
    Liferay version 6.1 suffers from a vulnerability where it is possible to retrieve the names and email addresses of all users. Proof of concept code included.

    Weiterlesen...
     
Thema:

Liferay 6.1 Name / Email Address Disclosure

Die Seite wird geladen...

Liferay 6.1 Name / Email Address Disclosure - Ähnliche Themen

  1. Liferay 6.1 No Account Access Bypass

    Liferay 6.1 No Account Access Bypass: Liferay version 6.1 suffers from a circumvention issue when restricting access to ip blocks. Proof of concept exploit included. Weiterlesen...
  2. Liferay 6.1 Cross Site Request Forgery

    Liferay 6.1 Cross Site Request Forgery: Liferay version 6.1 is vulnerable to JSON-related cross site request forgery attacks. Proof of concept code is included. Weiterlesen...
  3. Liferay JSON Request Control Takeover

    Liferay JSON Request Control Takeover: Liferay Portal suffers from a takeover vulnerability due to a single HTTP request allowing an attacker to reconfigure which memcached to use....
  4. Liferay 6.1 Default Configuration Compromise

    Liferay 6.1 Default Configuration Compromise: By utilizing the json webservices exposed in Liferay Portal version 6.1 you can register a new user with any role in the system, including the...
  5. Liferay 6.0.5 ce WebDAV File Reading

    Liferay 6.0.5 ce WebDAV File Reading: By creating a specially crafted webdav request that contains an external entity it is possible to read files from Liferay Portal version 6.0.5 ce....