Showing 1 - 1 of 1

CVE-2012-1469

Status Candidate

Overview

Multiple cross-site scripting (XSS) vulnerabilities in Open Journal Systems before 2.3.7 allow remote attackers and remote authenticated users to inject arbitrary web script or HTML via the (1) editor or (2) callback parameters to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php in the iBrowser plugin, (3) authors[][url] parameter to index.php, or (4) Bio Statement or (5) Abstract of Submission fields to the stripUnsafeHtml function in lib/pkp/classes/core/String.inc.php.

Related Files

Open Journal Systems 2.3.6 XSS / File Manipulation / Shell Upload: Posted Mar 22, 2012; Authored by High-Tech Bridge SA | Site htbridge.com; Open Journal Systems version 2.3.6 suffers from file manipulation, cross site scripting, and shell upload vulnerabilities.; tags | exploit, shell, vulnerability, xss; advisories | CVE-2012-1467, CVE-2012-1468, CVE-2012-1469; SHA-256 | 81bdaf7da25d1a403fe8d33e0db440a1dba968642a8af4e43f80678a574c7ac6; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 201 files
indoushka 118 files
Ubuntu 88 files
Gentoo 33 files
Jasper Nota 25 files
Debian 24 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,107)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,890)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,615)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,777)
UNIX (9,440)
UnixWare (187)
Windows (6,676)
Other

CVE-2012-1469

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems