Description
Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems before 2.3.7, allow remote authenticated users to (1) delete or (2) rename arbitrary files via a .. (dot dot) in the param parameter to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by High-Tech Bridge · text · webapps · php
https://www.exploit-db.com/exploits/37002
References (2)
Core References
Various Sources x_refsource_confirm
http://pkp.sfu.ca/support/forum/viewtopic.php?f=2&t=8431
Exploit x_refsource_misc
https://www.htbridge.com/advisory/HTB23079
Scores
EPSS
0.0406
EPSS Percentile
88.6%
Details
CWE
CWE-22
Status
published
Products (1)
pkp/open_journal_systems
< 2.3.6
Published
Sep 06, 2012
Tracked Since
Feb 18, 2026