Lucene search
K

4 matches found

Circl
Circl
added 2025/02/24 11:27 p.m.7 views

CVE-2024-56525

creationtimestamp| type| source ---|---|--- 2025-02-24 23:27:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5232 2025-02-25 02:19:32+00:00| seen| https://t.me/cvedetector/18845 2025-02-25 02:57:56+00:00| seen|...

9.8CVSS5.3AI score0.00378EPSS
Exploits0References5
NVD
NVD
added 2025/02/24 11:15 p.m.14 views

CVE-2024-56525

In Public Knowledge Project PKP OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor Role can create a new role as super admin in the journal context, and insert a backdoor plugin, by uploading a crafted XML document as a User XML Plugin...

9.8CVSS0.00378EPSS
Exploits0References1
CVE
CVE
added 2025/02/24 12:0 a.m.66 views

CVE-2024-56525

The CVE-2024-56525 entry applies to PKP’s PKP Platform (OJS, OMP, OPS) prior to 3.3.0.21 and 3.4.x prior to 3.4.0.8. The vulnerability is described as an XXE flaw that, when exploited by a Journal Editor, can create a new role with super admin privileges within the journal context and insert a ba...

9.8CVSS7.1AI score0.00378EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/24 12:0 a.m.6 views

CVE-2024-56525

In Public Knowledge Project PKP OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor Role can create a new role as super admin in the journal context, and insert a backdoor plugin, by uploading a crafted XML document as a User XML Plugin...

9.4AI score0.00378EPSS
Exploits0References1
Rows per page
Query Builder