Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1468

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2012-1468
Last Modified 07 Sep 2012 09:41:43
Published 06 Sep 2012 05:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-1468

Summary

Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not ".php", then accessing it via a direct request to the file in submission/original/ in the associated article directory, as demonstrated using .pHp, .asp, and other extensions.

Vulnerable Systems

Application

  • Pkp Open Journal Systems 2.3.6


References

MISC - https://www.htbridge.com/advisory/HTB23079

CONFIRM - http://pkp.sfu.ca/support/forum/viewtopic.php?f=2&t=8431

CONFIRM - http://pkp.sfu.ca/ojs/RELEASE-2.3.7


Last Updated: 27 May 2016 10:51:42