CVE-2025-13469
- EPSS 0.05%
- Veröffentlicht 20.11.2025 13:32:10
- Zuletzt bearbeitet 21.11.2025 15:13:59
A security vulnerability has been detected in Public Knowledge Project omp and ojs 3.3.0/3.4.0/3.5.0. Impacted is an unknown function of the file plugins/paymethod/manual/templates/paymentForm.tpl of the component Payment Instructions Setting Handler...
CVE-2024-56525
- EPSS 0.15%
- Veröffentlicht 24.02.2025 23:15:10
- Zuletzt bearbeitet 25.02.2025 15:15:22
In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor Role can create a new role as super admin in the journal context, and insert a backdoor plugin, by uploading a crafted X...
CVE-2024-50965
- EPSS 0.07%
- Veröffentlicht 22.11.2024 16:15:33
- Zuletzt bearbeitet 22.11.2024 18:15:17
Cross Site Scripting vulnerability in Public Knowledge Project PKP Platform OJS/OMP/OPS- before v.3.3.0.16 allows an attacker to execute arbitrary code and escalate privileges via a crafted script
CVE-2018-12588
- EPSS 0.41%
- Veröffentlicht 19.06.2018 21:29:01
- Zuletzt bearbeitet 21.11.2024 03:45:29
Cross-site scripting (XSS) vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project (PKP) Open Monograph Press (OMP) v1.2.0 through 3.1.1-2 before 3.1.1-3 allows remote attackers to inject arbitrary web script or HTML v...