machisri/CVEs-and-Vulnerabilities

Releases0

Here you can find my found CVEs and Vullnerabilities and how it can help you to learn from it.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-24511 ↗	Mar 1, 2024Friday, 1 March 2024, 23:15	6.1 MEDIUM	—
Cross Site Scripting vulnerability in Pkp OJS v.3.4 allows an attacker to execute arbitrary code via the Input Title component.
CVE-2024-24512 ↗	Mar 1, 2024Friday, 1 March 2024, 23:15	6.1 MEDIUM	—
Cross Site Scripting vulnerability in Pkp OJS v.3.4 allows an attacker to execute arbitrary code via the input subtitle component.
CVE-2024-25434 ↗	Mar 1, 2024Friday, 1 March 2024, 23:15	5.4 MEDIUM	—
A cross-site scripting (XSS) vulnerability in Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Publicname parameter.
CVE-2024-25436 ↗	Mar 1, 2024Friday, 1 March 2024, 23:15	6.1 MEDIUM	—
A cross-site scripting (XSS) vulnerability in the Production module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function.
CVE-2024-25438 ↗	Mar 1, 2024Friday, 1 March 2024, 23:15	6.1 MEDIUM	—
A cross-site scripting (XSS) vulnerability in the Submission module of Pkp Ojs v3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Input subject field under the Add Discussion function.
CVE-2024-25435 ↗	Feb 28, 2024Wednesday, 28 February 2024, 20:15	6.1 MEDIUM	—
A cross-site scripting (XSS) vulnerability in Md1health Md1patient v2.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Msg parameter.