Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pkp vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-5893
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib before 3.3.0-16.
Sfu Pkp Web Application Library
5.4
CVSSv3
CVE-2023-5895
Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib before 3.3.0-16.
Sfu Pkp Web Application Library
5.4
CVSSv3
CVE-2023-5896
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib before 3.4.0-4.
Sfu Pkp Web Application Library
4.3
CVSSv3
CVE-2023-5900
Cross-Site Request Forgery in GitHub repository pkp/pkp-lib before 3.3.0-16.
Sfu Pkp Web Application Library
4.8
CVSSv3
CVE-2023-5901
Cross-site Scripting in GitHub repository pkp/pkp-lib before 3.3.0-16.
Sfu Pkp Web Application Library
4.3
CVSSv3
CVE-2023-5902
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib before 3.3.0-16.
Sfu Pkp Web Application Library
5.4
CVSSv3
CVE-2023-5903
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib before 3.3.0-16.
Sfu Pkp Web Application Library
5.4
CVSSv3
CVE-2023-5904
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib before 3.3.0-16.
Sfu Pkp Web Application Library
5.3
CVSSv3
CVE-2023-47271
PKP-WAL (aka PKP Web Application Library or pkp-lib) prior to 3.3.0-16, as used in Open Journal Systems (OJS) and other products, does not verify that the file named in an XML document (used for the native import/export plugin) is an image file, before trying to use it for an iss...
Sfu Pkp Web Application Library
6.1
CVSSv3
CVE-2022-24181
Cross-site scripting (XSS) via Host Header injection in PKP Open Journals System 2.4.8 >= 3.3 allows remote malicious users to inject arbitary code via the X-Forwarded-Host Header.
Public Knowledge Project Open Journal Systems
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »