PT-2024-20229 · Jsherp · Jsherp

Name of the Vulnerable Software and Affected Versions: jshERP version 3.3 Description: The issue concerns a SQL Injection vulnerability. Specifically, the findInOutMaterialCount function in com.jsh.erp.controller.DepotHeadController does not adequately filter the column and order parameters,...

PKP Open Journals System 3.3 - Cross-Site Scripting (XSS)

Exploit Title: PKP Open Journals System 3.3 - Cross-Site Scripting XSS Date: 31/01/2022 Exploit Author: Hemant Kashyap Vendor Homepage: https://github.com/pkp/pkp-lib/issues/7649 Version: PKP Open Journals System 2.4.8 = 3.3 Tested on: All OS CVE : CVE-2022-24181 References:...