CVE-2012-1469

CVE-2012-1469 corresponds to multiple XSS vulnerabilities in Open Journal Systems (OJS) up to version 2.3.6, affecting the iBrowser component (lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php) and input fields (editor/callback, authors[][url], Bio Statement, Abstract of Submiss...

Multiple vulnerabilities in Open Journal Systems (OJS)

Advisory ID: HTB23079 Product: Open Journal Systems OJS Vendor: Public Knowledge Project Vulnerable Versions: 2.3.6 and probably prior Tested Version: 2.3.6 Vendor Notification: 29 February 2012 Vendor Patch: 16 March 2012 Public Disclosure: 21 March 2012 Vulnerability Type: Arbitrary File...

Open Journal Systems 2.3.6 XSS / File Manipulation / Shell Upload

Advisory ID: HTB23079 Product: Open Journal Systems OJS Vendor: Public Knowledge Project Vulnerable Versions: 2.3.6 and probably prior Tested Version: 2.3.6 Vendor Notification: 29 February 2012 Vendor Patch: 16 March 2012 Public Disclosure: 21 March 2012 Vulnerability Type: Arbitrary File...

CVE-2012-1469

creationtimestamp| type| source ---|---|--- 2012-03-21 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37000 2012-03-21 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36999...

Multiple vulnerabilities in Open Journal Systems (OJS)

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Open Journal Systems which can be exploited to manipulate local files, upload arbitrary files and perform Cross-Site Scripting XSS attacks. 1 Arbitrary File Manipulation in Open Journal Systems: CVE-2012-1467 1.1...