EUVD-2013-6567

Malware in sbrugna...

EUVD-2017-11410

Malware in sbrugna...

Malicious code in @zalastax/nolb-omp (npm)

The package @zalastax/nolb-omp was found to contain malicious code...

MAL-2025-12819 Malicious code in @zalastax/nolb-omp (npm)

The package @zalastax/nolb-omp was found to contain malicious code...

CVE-2024-50965

Cross Site Scripting vulnerability in Public Knowledge Project PKP Platform OJS/OMP/OPS- before v.3.3.0.16 allows an attacker to execute arbitrary code and escalate privileges via a crafted script...

CVE-2024-56525

In Public Knowledge Project PKP OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor Role can create a new role as super admin in the journal context, and insert a backdoor plugin, by uploading a crafted XML document as a User XML Plugin...

CVE-2024-50965

CVE-2024-50965 describes a Cross Site Scripting vulnerability in Public Knowledge Project PKP Platform OJS/OMP/OPS affecting versions prior to 3.3.0.16. The vulnerability is capable of allowing an attacker to execute arbitrary code and escalate privileges via a crafted script. The issue is suppor...

SUSE CVE-2012-5520

The sendtosourcefire function in managesql.c in OpenVAS Manager 3.x before 3.0.4 allows remote attackers to execute arbitrary commands via the 1 IP address or 2 port number field in an OMP request...

SUSE CVE-2014-9220

SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modifyschedule OMP command...

Cross-site Scripting (XSS) - Reflected in pkp/omp

✍️ Description i was able to perform a Reflected XSS against your website/repository. The Reflected XSS vulnerability occurs when the data provided by the attacker is not sanitized by the server, and then reflected "normal" pages returned to other users in the course of regular browsing. Proof of...

The vulnerability of the omp-appmanager module for mobile applications within the application software “Avora Center” is related to deficiencies in access control in the isolated environment. This vulnerability allows a malicious individual to perform installation or deletion of mobile applications.

The vulnerability of the omp-appmanager module for mobile applications, which is part of the “Avora Center” application software, relates to the provision of unprivileged accounts for the privileged API used for installing and removing applications. Exploiting this vulnerability could allow a...

CVE-2018-12588

The CVE concerns a cross-site scripting (XSS) vulnerability in PKP Open Monograph Press (OMP) templates/frontend/pages/searchResults.tpl. Affected versions are PKP OMP 1.2.0 through 3.1.1-2 (before 3.1.1-3). The issue allows remote attackers to inject arbitrary script/HTML via the catalog.noTitle...

lockwoodpressonline.com XSS vulnerability

Open Bug Bounty ID: OBB-633510 Description| Value ---|--- Affected Website:| lockwoodpressonline.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| OMP 3.X Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

pblpubs.org XSS vulnerability

Open Bug Bounty ID: OBB-633509 Description| Value ---|--- Affected Website:| pblpubs.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| OMP 1.2 Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

sci-en-tech.com XSS vulnerability

Open Bug Bounty ID: OBB-633507 Description| Value ---|--- Affected Website:| sci-en-tech.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| OMP 1.2 Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

ebooks.epublishing.ekt.gr XSS vulnerability

Open Bug Bounty ID: OBB-633506 Description| Value ---|--- Affected Website:| ebooks.epublishing.ekt.gr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| OMP 3.X Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Charamin OMP Untrustworthy Search Path Vulnerability

Charamin OMP is a media player that automatically generates dance animations by analyzing music files. An untrustworthy search path vulnerability exists in Charamin OMP versions 1.1.7.4 and earlier and 1.2.0.0 Beta and earlier. An attacker can exploit this vulnerability to gain privileges with th...

CVE-2017-2227

Untrusted search path vulnerability in The installer of Charamin OMP Version 1.1.7.4 and earlier, Version 1.2.0.0 Beta and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

Design/Logic Flaw

Untrusted search path vulnerability in The installer of Charamin OMP Version 1.1.7.4 and earlier, Version 1.2.0.0 Beta and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2017-2227

Untrusted search path vulnerability in The installer of Charamin OMP Version 1.1.7.4 and earlier, Version 1.2.0.0 Beta and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...