74 matches found
EUVD-2006-4061
Malware in sbrugna...
EUVD-2021-31298
Malicious code in bioql PyPI...
EUVD-2022-29092
Malicious code in bioql PyPI...
PT-2025-38919
Name of the Vulnerable Software and Affected Versions Jonathan Brinley DOAJ Export versions through 1.0.4 Description The software contains a flaw related to improper handling of user-supplied data when creating web pages, which can lead to Stored Cross-Site Scripting XSS. This allows an attacker...
CVE-2022-24181
Cross-site scripting XSS via Host Header injection in PKP Open Journals System 2.4.8 = 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header...
journals.wumardan.edu.pk Cross Site Scripting vulnerability OBB-3879305
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Using ChatGPT to cheat on assignments? New tool detects AI-generated text with amazing accuracy
ChatGPT and similar Large language models LLMs can be used to write texts about any given subject, at any desired length at a speed unmatched by humans. So its not a surprise that students have been using them to "help" write assignments, much to the dismay of teachers who prefer to receive...
PKP Open Journals System Cross-Site Scripting Vulnerability
PKP Open Journals System is a journal system. A cross-site scripting vulnerability exists in PKP Open Journals System prior to version 3.3.0-16, which stems from the inability to properly escape special characters in a title, and can be exploited by an attacker to inject malicious script into a w...
PKP Open Journals System Cross-Site Scripting Vulnerability
PKP Open Journals System is a journal system. A cross-site scripting vulnerability exists in PKP Open Journals System prior to version 3.3.0-16, which stems from the fact that certain inputs are not escaped and can be exploited by an attacker to inject malicious script into a web site...
journals.openedition.org Cross Site Scripting vulnerability OBB-3673075
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
connectjournals.com Cross Site Scripting vulnerability OBB-3374432
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
earth.mosuljournals.com Cross Site Scripting vulnerability OBB-3252676
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
journals.openedition.org Cross Site Scripting vulnerability OBB-2855444
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
moss.mosuljournals.com Cross Site Scripting vulnerability OBB-2853895
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Dolibarr SQL Injection vulnerability
SQL Injection vulnerability in Dolibarr before version 7.0.2 allows remote attackers to execute arbitrary SQL commands via the sortfield parameter to /accountancy/admin/accountmodel.php, /accountancy/admin/categorieslist.php, /accountancy/admin/journalslist.php, /admin/dict.php,...
indianjournals.com Cross Site Scripting vulnerability OBB-2536183
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PKP Open Journals System 3.3 - Cross-Site Scripting (XSS)
Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Date: 31/01/2022 Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References:...
PKP Open Journals System 3.3 - Cross-Site Scripting Vulnerability
Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References: https://youtu.be/v8-9evO2oVg XSS via...
PKP Open Journals System 3.3 Cross Site Scripting
Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Date: 31/01/2022 Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References:...
CVE-2022-24181
Cross-site scripting XSS via Host Header injection in PKP Open Journals System 2.4.8 = 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header...