Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pkp vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2023-5889
Insufficient Session Expiration in GitHub repository pkp/pkp-lib before 3.3.0-16.
Pkp Pkp Web Application Library
8.8
CVSSv3
CVE-2023-5898
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib before 3.3.0-16.
Pkp Pkp Web Application Library
8.8
CVSSv3
CVE-2023-5899
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib before 3.3.0-16.
Pkp Pkp Web Application Library
8.1
CVSSv3
CVE-2023-4695
Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib before 3.3.0-16.
Pkp Pkb-lib
NA
CVE-2012-1467
Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems prior to 2.3.7, allow remote authenticated users to (1) delete or (2) rename arbitrary files via a .. (dot dot) in the param parameter to lib/pkp/lib/tinymce/jscripts/tiny...
Pkp Open Journal Systems
1 EDB exploit
NA
CVE-2012-1468
Incomplete blacklist vulnerability in Open Journal Systems prior to 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not ".php", then accessing it via a direct requ...
Pkp Open Journal Systems
1 EDB exploit
NA
CVE-2012-1469
Multiple cross-site scripting (XSS) vulnerabilities in Open Journal Systems prior to 2.3.7 allow remote attackers and remote authenticated users to inject arbitrary web script or HTML via the (1) editor or (2) callback parameters to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/i...
Pkp Open Journal Systems
2 EDB exploits
5.4
CVSSv3
CVE-2023-5890
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib before 3.3.0-16.
Sfu Pkp Web Application Library
5.4
CVSSv3
CVE-2023-5892
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib before 3.3.0-16.
Sfu Pkp Web Application Library
5.4
CVSSv3
CVE-2023-5895
Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib before 3.3.0-16.
Sfu Pkp Web Application Library
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »