SRIVISHNU P - Security Researcher - Exploit Intelligence Platform

CVE-2024-24511 WRITEUP MEDIUM SUSPICIOUS

Open Journal Systems 3.4 - Stored Cross-Site Scripting in Input Title Component

Cross Site Scripting vulnerability in Pkp OJS v.3.4 allows an attacker to execute arbitrary code via the Input Title component.

CVSS 6.1

View Code

CVE-2024-24512 WRITEUP MEDIUM SUSPICIOUS

Open Journal Systems 3.4 - Stored Cross-Site Scripting via Subtitle Input

Cross Site Scripting vulnerability in Pkp OJS v.3.4 allows an attacker to execute arbitrary code via the input subtitle component.

CVSS 6.1

View Code

CVE-2024-25434 WRITEUP MEDIUM WRITEUP

Open Journal Systems 3.3 - Stored Cross-Site Scripting via Publicname Parameter

A cross-site scripting (XSS) vulnerability in Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Publicname parameter.

CVSS 5.4

View Code

CVE-2024-25435 WRITEUP MEDIUM WRITEUP

Md1health Md1patient 2.0.0 - Cross-Site Scripting via Msg Parameter

A cross-site scripting (XSS) vulnerability in Md1health Md1patient v2.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Msg parameter.

CVSS 6.1

View Code

CVE-2024-25436 WRITEUP MEDIUM WRITEUP

Open Journal Systems 3.3 - Stored Cross-Site Scripting in Add Discussion Subject Field

A cross-site scripting (XSS) vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function.

CVSS 6.1

View Code

CVE-2024-25438 WRITEUP MEDIUM WRITEUP

Open Journal Systems 3.3 - Stored Cross-Site Scripting in Add Discussion Subject Field

A cross-site scripting (XSS) vulnerability in the Submission module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function.

CVSS 6.1

View Code