Lucene search
+L

104 matches found

nuclei
nuclei
added yesterday280 views

PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting

PKP Open Journal Systems 2.4.8 to 3.3 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary code via the X-Forwarded-Host Header. id: CVE-2022-24181 info: name: PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting author: lucasljm2001,ekrause severit...

6.1CVSS6.5AI score0.0608EPSS
Exploits3References5
redhatcve
redhatcve
added 2026/01/09 10:43 a.m.9 views

CVE-2022-26616

PKP Vendor Open Journal System v2.4.8 to v3.3.8 allows attackers to perform reflected cross-site scripting XSS attacks via crafted HTTP headers...

6.1CVSS5.8AI score0.00973EPSS
Exploits0References1
packetstorm
packetstorm
added 2025/12/23 12:0 a.m.270 views

📄 Open Journal Systems 3.5.0-1 Path Traversal

Open Journal Systems versions 3.5.0-1 and below suffer from a path traversal vulnerability in NativeXmlIssueGalleyFilter.php. --------------------------------------------------------------------------------------------- Open Journal Systems issuegalleys - issuegalley - issuefile - filename tag of...

7AI score
Exploits1
packetstorm
packetstorm
added 2025/12/23 12:0 a.m.167 views

📄 PKP-WAL 3.5.0-1 Cross Site Request Forgery

PKP-WAL versions 3.5.0-1 and below suffer from a cross site request forgery vulnerability. ----------------------------------------------------------------- PKP-WAL = 3.5.0-1 Login Cross-Site Request Forgery Vulnerability ----------------------------------------------------------------- - Softwar...

6.8AI score
Exploits0
redhatcve
redhatcve
added 2025/11/30 2:0 p.m.18 views

CVE-2025-13469

A security vulnerability has been detected in Public Knowledge Project omp and ojs 3.3.0/3.4.0/3.5.0. Impacted is an unknown function of the file plugins/paymethod/manual/templates/paymentForm.tpl of the component Payment Instructions Setting Handler. The manipulation of the argument...

4.8CVSS5.7AI score0.00223EPSS
Exploits0References1
nvd
nvd
added 2025/11/20 3:17 p.m.29 views

CVE-2025-13469

A security vulnerability has been detected in Public Knowledge Project omp and ojs 3.3.0/3.4.0/3.5.0. Impacted is an unknown function of the file plugins/paymethod/manual/templates/paymentForm.tpl of the component Payment Instructions Setting Handler. The manipulation of the argument...

4.8CVSS0.00223EPSS
Exploits0References6
cve
cve
added 2025/11/20 1:32 p.m.22 views

CVE-2025-13469

CVE-2025-13469 affects Public Knowledge Project platforms PKP OJS/OMP/Ops (versions 3.3.0/3.4.0/3.5.0) where an attacker can trigger a cross-site scripting (XSS) by manipulating the argument manualInstructions in the file plugins/paymethod/manual/templates/paymentForm.tpl under the Payment Instru...

4.8CVSS3.2AI score0.00223EPSS
Exploits0References6
osv
osv
added 2025/11/20 1:32 p.m.8 views

CVE-2025-13469 Public Knowledge Project omp/ojs Payment Instructions Setting paymentForm.tpl cross site scripting

A security vulnerability has been detected in Public Knowledge Project omp and ojs 3.3.0/3.4.0/3.5.0. Impacted is an unknown function of the file plugins/paymethod/manual/templates/paymentForm.tpl of the component Payment Instructions Setting Handler. The manipulation of the argument...

4.8CVSS4.2AI score0.00223EPSS
Exploits0References8
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-4207

Malware in sbrugna...

6.1CVSS6.3AI score0.01796EPSS
Exploits0References5
euvd
euvd
added 2025/10/07 12:30 a.m.16 views

EUVD-2012-1486

Malware in sbrugna...

6CVSS6.2AI score0.03482EPSS
Exploits2References5
euvd
euvd
added 2025/10/07 12:30 a.m.10 views

EUVD-2011-5096

Malware in sbrugna...

6.8CVSS6.4AI score0.01334EPSS
Exploits1References4
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-9501

Malware in sbrugna...

8.8CVSS8.6AI score0.01394EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-31170

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00973EPSS
Exploits0References2
taosecurity
taosecurity
added 2025/10/02 3:19 p.m.6 views

Stop Shoddy Academic "Research"

When someone cites one of my works, I get a notice from Research Gate. Today I got one, from an article from the "IEEE Open Journal of the Communications Society." It cited my first book, which is 21 years old. The PDF was available. I noticed the article referenced Prelude, a project I talked...

6.7AI score
Exploits0
redhatcve
redhatcve
added 2025/05/23 1:57 a.m.15 views

CVE-2023-47271

PKP-WAL aka PKP Web Application Library or pkp-lib before 3.3.0-16, as used in Open Journal Systems OJS and other products, does not verify that the file named in an XML document used for the native import/export plugin is an image file, before trying to use it for an issue cover image...

5.3CVSS6.9AI score0.00618EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 12:17 p.m.14 views

CVE-2012-1467

Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems before 2.3.7, allow remote authenticated users to 1 delete or 2 rename arbitrary files via a .. dot dot in the param parameter to...

6.5CVSS6.8AI score0.03003EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 12:14 p.m.12 views

CVE-2012-1468

Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not ".php", then accessing it via a direct request to the file in...

6CVSS7.5AI score0.03482EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 4:56 a.m.13 views

CVE-2019-19909

An issue was discovered in Public Knowledge Project PKP pkp-lib before 3.1.2-2, as used in Open Journal Systems OJS before 3.1.2-2. Code injection can occur in the OJS report generator if an authenticated Journal Manager user visits a crafted URL, because unserialize is used...

8.8CVSS7.1AI score0.01394EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/02/24 12:0 a.m.7 views

Public Knowledge Project Platform OJS/OMP/OPS 安全漏洞

Public Knowledge Project Platform OJS/OMP/OPS PKP Platform OJS/OMP/OPS is an open source publishing platform from Public Knowledge Project, Inc. A security vulnerability exists in Public Knowledge Project Platform OJS/OMP/OPS versions prior to 3.3.0.21 and versions prior to 3.4.x through 3.4.0.8,...

9.8CVSS6.5AI score0.00378EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/11/22 12:0 a.m.10 views

PT-2024-34475 · Public Knowledge · Pkp Platform Ojs/Omp/Ops

Name of the Vulnerable Software and Affected Versions: Public Knowledge Project PKP Platform OJS/OMP/OPS versions prior to 3.3.0.16 Description: The issue allows an attacker to execute arbitrary code and escalate privileges via a crafted script. This is a Cross Site Scripting vulnerability...

5.4CVSS7.6AI score0.00346EPSS
Exploits0References3
Rows per page
Query Builder