Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Journal Systems 2.3.6 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that upload PHP files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
public knowledge project open journal systems 2.3.2 |
||
public knowledge project open journal systems 2.3.1-2 |
||
public knowledge project open journal systems 2.3.0 |
||
public knowledge project open journal systems 2.2.4 |
||
public knowledge project open journal systems 1.1.7 |
||
public knowledge project open journal systems 1.1.6 |
||
public knowledge project open journal systems 1.1.5 |
||
public knowledge project open journal systems 1.1 |
||
public knowledge project open journal systems 2.3.4 |
||
public knowledge project open journal systems 2.1.1 |
||
public knowledge project open journal systems 2.1 |
||
public knowledge project open journal systems 2.0.2-1 |
||
public knowledge project open journal systems 2.0.1 |
||
public knowledge project open journal systems 2.3.3-3 |
||
public knowledge project open journal systems 2.3.3-1 |
||
public knowledge project open journal systems 2.3.2-1 |
||
public knowledge project open journal systems 2.2.3 |
||
public knowledge project open journal systems 2.2.1 |
||
public knowledge project open journal systems 1.1.10 |
||
public knowledge project open journal systems 1.1.8 |
||
public knowledge project open journal systems 1.0.1 |
||
public knowledge project open journal systems |
||
public knowledge project open journal systems 2.3.3-2 |
||
public knowledge project open journal systems 2.3.3 |
||
public knowledge project open journal systems 2.2.2 |
||
public knowledge project open journal systems 2.2 |
||
public knowledge project open journal systems 2.0 |
||
public knowledge project open journal systems 1.1.9 |
||
public knowledge project open journal systems 1.0 |
||
public knowledge project open journal systems 2.3.5 |