9.3
CVSSv2

CVE-2011-1571

Published: 07/05/2011 Updated: 31/05/2011
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x prior to 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors.

Vulnerability Trend

Affected Products

Vendor Product Versions
LiferayPortal5.0.0, 5.0.1, 5.1.0, 5.1.1, 5.1.2, 5.2.0, 5.2.1, 5.2.2, 5.2.3, 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5

Exploits

## # $Id$ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' require 'active_support/json' class Metasploit3 < Msf::E ...

Github Repositories

CVE-2011-1571 Summary Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5x and 6x before 606 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors CVE Detail : wwwcvedetailscom/cve/CVE-2011-1571/ PoC : xhemyxwikiorg/xwiki/bin/view/XSLT/Application_Liferay Met