47 matches found

CVE
added 2012/09/23 5:0 p.m. | 45 views

CVE-2011-5197

Public Knowledge Project Open Harvester Systems (PKP OHS) versions 2.3.1 and earlier are affected by a CSRF vulnerability in index/manager/fileUpload that allows remote attackers to hijack administrator authentication when uploading PHP files. The description specifies the affected component and ...

CVSS 6.8 | AI score 7.5 | EPSS 0.01976
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2012/09/23 5:0 p.m. | 40 views

CVE-2011-5195

CVE-2011-5195 describes a CSRF vulnerability in the Open Conference Systems (Public Knowledge Project) component at index/manager/fileUpload. The flaw lets remote attackers hijack administrator sessions for requests that upload a PHP file, affecting versions 2.3.4 and earlier. The underlying issu...

CVSS 6.8 | AI score 7.4 | EPSS 0.01109
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2012/09/23 5:0 p.m. | 18 views

CVE-2011-5196

Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Journal Systems 2.3.6 and earlier allows remote attackers to hijack the authentication of administrators for requests that upload PHP files...

AI score 7.2 | EPSS 0.01334
Exploits: 1 | References: 3

securityvulns
added 2012/04/09 12:0 a.m. | 164 views

Multiple vulnerabilities in Open Journal Systems (OJS)

Advisory ID: HTB23079; Product: Open Journal Systems (OJS); Vendor: Public Knowledge Project; Vulnerable Versions: 2.3.6 and probably prior; Tested Version: 2.3.6; Vendor Notification: 29 February 2012; Vendor Patch: 16 March 2012; Public Disclosure: 21 March 2012; Vulnerability Type: Arbitrary File...

CVSS 6.5 | AI score 5.9 | EPSS 0.03482
Exploits: 4

Packet Storm
added 2012/03/22 12:0 a.m. | 87 views

Open Journal Systems 2.3.6 XSS / File Manipulation / Shell Upload

Advisory ID: HTB23079; Product: Open Journal Systems (OJS); Vendor: Public Knowledge Project; Vulnerable Versions: 2.3.6 and probably prior; Tested Version: 2.3.6; Vendor Notification: 29 February 2012; Vendor Patch: 16 March 2012; Public Disclosure: 21 March 2012; Vulnerability Type: Arbitrary File...

CVSS 6.5 | AI score 6.5 | EPSS 0.03482
Exploits: 4

Exploit DB
added 2011/12/23 12:0 a.m. | 54 views

Open Conference/Journal/Harvester Systems 2.3.x - Multiple Remote Code Execution Vulnerabilities

!/usr/bin/python Open Conference/Journal/Harvester Systems = 2.3.X multiple remote code execution vulnerabilities vendor: Public Knowledge Project pkp -http://pkp.sfu.ca/ software link: http://pkp.sfu.ca/download author: mrme::rwx kru email: steventhomasseeley!gmail!com tested on: the interwebz &...

AI score 7.4
Exploits: 0

exploitpack
added 2011/12/23 12:0 a.m. | 38 views

Open ConferenceJournalHarvester Systems 2.3.x - Multiple Remote Code Execution Vulnerabilities

!/usr/bin/python Open Conference/Journal/Harvester Systems = 2.3.X multiple remote code execution vulnerabilities vendor: Public Knowledge Project pkp -http://pkp.sfu.ca/ software link:...

AI score 0.6
Exploits: 0