Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2012-1468
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-1468

2022-10-0316:15:27
mitre
www.cve.org
1
vulnerability
open journal systems
remote authenticated users
arbitrary code
blacklist vulnerability
upload
executable extension

7.1 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.6%

JSON

Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not “.php”, then accessing it via a direct request to the file in submission/original/ in the associated article directory, as demonstrated using .pHp, .asp, and other extensions.

Related

ubuntucve 1
prion 1
nvd 1
cve 1
securityvulns 2
packetstorm 1
htbridge 1
ubuntucve
ubuntucve
CVE-2012-1468
2012-09-06 00:00:00
prion
prion
Design/Logic Flaw
2012-09-06 21:55:00
nvd
nvd
CVE-2012-1468
2012-09-06 21:55:01
cve
cve
CVE-2012-1468
2022-10-03 16:15:27
securityvulns
securityvulns
Multiple vulnerabilities in Open Journal Systems (OJS)
2012-04-09 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2012-04-09 00:00:00
packetstorm
packetstorm
Open Journal Systems 2.3.6 XSS / File Manipulation / Shell Upload
2012-03-22 00:00:00
htbridge
htbridge
Multiple vulnerabilities in Open Journal Systems (OJS)
2012-02-29 00:00:00

7.1 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.6%

JSON
Related for CVELIST:CVE-2012-1468
ubuntucve1prion1nvd1cve1securityvulns2packetstorm1htbridge1