Alec Smecher

19 exploits, active since Jun 2018
CVE-2018-12588 WRITEUP MEDIUM WRITEUP
PKP OMP <3.1.1-3 - XSS
Cross-site scripting (XSS) vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project (PKP) Open Monograph Press (OMP) v1.2.0 through 3.1.1-2 before 3.1.1-3 allows remote attackers to inject arbitrary web script or HTML via the catalog.noTitlesSearch parameter (aka the Search field).
CVSS 6.1
CVE-2023-4695 WRITEUP HIGH WRITEUP
GitHub pkp/pkp-lib <3.3.0-16 - Info Disclosure
Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 8.1
CVE-2023-5626 WRITEUP HIGH WRITEUP
SFU Open Journal System < 3.3.0-16 - CSRF
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16.
CVSS 8.8
CVE-2023-5889 WRITEUP HIGH WRITEUP
Pkp Web Application Library - Insufficient Session Expiration
Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 8.2
CVE-2023-5890 WRITEUP MEDIUM WRITEUP
SFU Pkp Web Application Library < 3.3.0-16 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 5.4
CVE-2023-5891 WRITEUP MEDIUM WRITEUP
SFU Pkp Web Application Library < 3.3.0-16 - XSS
Cross-site Scripting (XSS) - Reflected in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 5.4
CVE-2023-5892 WRITEUP MEDIUM WRITEUP
SFU Pkp Web Application Library < 3.3.0-16 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 5.4
CVE-2023-5893 WRITEUP HIGH WRITEUP
SFU Pkp Web Application Library < 3.3.0-16 - CSRF
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 8.8
CVE-2023-5894 WRITEUP MEDIUM WRITEUP
SFU Open Journal Systems < 3.3.0-16 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/ojs prior to 3.3.0-16.
CVSS 5.4
CVE-2023-5895 WRITEUP MEDIUM WRITEUP
SFU Pkp Web Application Library < 3.3.0-16 - XSS
Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 5.4
CVE-2023-5896 WRITEUP MEDIUM WRITEUP
SFU Pkp Web Application Library < 3.4.0-4 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.4.0-4.
CVSS 5.4
CVE-2023-5897 WRITEUP HIGH WRITEUP
SFU Customlocale < 1.2.0-1 - CSRF
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/customLocale prior to 1.2.0-1.
CVSS 8.8
CVE-2023-5898 WRITEUP HIGH WRITEUP
Pkp Web Application Library < 3.3.0-16 - CSRF
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 8.8
CVE-2023-5899 WRITEUP HIGH WRITEUP
Pkp Web Application Library < 3.3.0-16 - CSRF
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 8.8
CVE-2023-5900 WRITEUP LOW WRITEUP
SFU Pkp Web Application Library < 3.3.0-16 - CSRF
Cross-Site Request Forgery in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 3.5
CVE-2023-5901 WRITEUP LOW WRITEUP
SFU Pkp Web Application Library < 3.3.0-16 - XSS
Cross-site Scripting in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 3.5
CVE-2023-5902 WRITEUP MEDIUM WRITEUP
SFU Pkp Web Application Library < 3.3.0-15 - CSRF
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 4.3
CVE-2023-5903 WRITEUP MEDIUM WRITEUP
SFU Pkp Web Application Library < 3.3.0-15 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 5.4
CVE-2023-5904 WRITEUP MEDIUM WRITEUP
SFU Pkp Web Application Library < 3.3.0-15 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVSS 5.4