78 matches found
EUVD-2024-22765
Malicious code in bioql PyPI...
EUVD-2024-48743
Malicious code in bioql PyPI...
EUVD-2023-57919
Malicious code in bioql PyPI...
EUVD-2023-58893
Malicious code in bioql PyPI...
EUVD-2023-58167
Malicious code in bioql PyPI...
CVE-2024-7902
A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login/signOut. The manipulation of the argument source with the input .example.com leads to open redirect. The attack may be launched remotely. The...
CVE-2024-25438
A cross-site scripting XSS vulnerability in the Submission module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...
CVE-2024-25436
A cross-site scripting XSS vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function...
CVE-2024-25434
A cross-site scripting XSS vulnerability in Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Publicname parameter...
CVE-2024-24512
Cross Site Scripting vulnerability in Pkp OJS v.3.4 allows an attacker to execute arbitrary code via the input subtitle component...
CVE-2024-24511
Cross Site Scripting vulnerability in Pkp OJS v.3.4 allows an attacker to execute arbitrary code via the Input Title component...
CVE-2024-50965
Cross Site Scripting vulnerability in Public Knowledge Project PKP Platform OJS/OMP/OPS- before v.3.3.0.16 allows an attacker to execute arbitrary code and escalate privileges via a crafted script...
CVE-2023-5626
Cross-Site Request Forgery CSRF in GitHub repository pkp/ojs prior to 3.3.0-16...
CVE-2023-5894
Cross-site Scripting XSS - Stored in GitHub repository pkp/ojs prior to 3.3.0-16...
CVE-2024-56525
In Public Knowledge Project PKP OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor Role can create a new role as super admin in the journal context, and insert a backdoor plugin, by uploading a crafted XML document as a User XML Plugin...
CVE-2024-50965
CVE-2024-50965 describes a Cross Site Scripting vulnerability in Public Knowledge Project PKP Platform OJS/OMP/OPS affecting versions prior to 3.3.0.16. The vulnerability is capable of allowing an attacker to execute arbitrary code and escalate privileges via a crafted script. The issue is suppor...
CVE-2024-7902
A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login/signOut. The manipulation of the argument source with the input .example.com leads to open redirect. The attack may be launched remotely. The...
CVE-2024-7902
A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login/signOut. The manipulation of the argument source with the input .example.com leads to open redirect. The attack may be launched remotely. The...
CVE-2024-7902 pkp ojs signOut redirect
A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login/signOut. The manipulation of the argument source with the input .example.com leads to open redirect. The attack may be launched remotely. The...
CVE-2024-7902 pkp ojs signOut redirect
A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login/signOut. The manipulation of the argument source with the input .example.com leads to open redirect. The attack may be launched remotely. The...