Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
journal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5626
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs before 3.3.0-16.
Sfu Open Journal System
481
VMScore
CVE-2014-5706
The SomNote - Journal/Memo (aka com.somcloud.somnote) application 2.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Somcloud Somnote - Journal\\/memo 2.1.5
NA
CVE-2023-6671
A vulnerability has been discovered on OJS, that consists in a CSRF (Cross-Site Request Forgery) attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
Openjournalsystems Open Journal Systems 3.3.0.13
383
VMScore
CVE-2022-26616
PKP Vendor Open Journal System v2.4.8 to v3.3.8 allows malicious users to perform reflected cross-site scripting (XSS) attacks via crafted HTTP headers.
Public Knowledge Project Open Journal Systems
668
VMScore
CVE-2017-6022
A hard-coded password issue exists in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to comprom...
Bd Performa
Bd Kla Journal Service
481
VMScore
CVE-2014-7122
The Lansing State Journal Print (aka com.lansingjournal.android.prod) application 6.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Gannett Lansing State Journal Print 6.7
384
VMScore
CVE-2022-24181
Cross-site scripting (XSS) via Host Header injection in PKP Open Journals System 2.4.8 >= 3.3 allows remote malicious users to inject arbitary code via the X-Forwarded-Host Header.
Public Knowledge Project Open Journal Systems
2 Github repositories
NA
CVE-2024-24041
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php.
Remyandrade Travel Journal Using Php And Mysql With Source Code 1.0
NA
CVE-2024-24945
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php.
Remyandrade Travel Journal Using Php And Mysql With Source Code 1.0
668
VMScore
CVE-2005-4606
SQL injection vulnerability in check_user.asp in multiple Web Wiz products including (1) Site News 3.06 and previous versions, (2) Journal 1.0 and previous versions, (3) Polls 3.06 and previous versions, and (4) and Database Login 1.71 and previous versions allows remote maliciou...
Webwiz Site News
Webwiz Journal
Webwiz Database Login
Webwiz Weekly Poll
Webwiz Site News 2.00
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »