CVE-2012-1468

Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not ".php", then accessing it via a direct request to the file in submission/original/ in the associated article directory, as demonstrated using .pHp, .asp, and other extensions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
VendorProductVersion
pkpopen_journal_systems
𝑥
≤ 2.3.6
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ojs
raring
dne
quantal
dne
precise
dne
oneiric
ignored
natty
ignored
lucid
dne
hardy
dne
References
http://pkp.sfu.ca/ojs/RELEASE-2.3.7
http://pkp.sfu.ca/support/forum/viewtopic.php?f=2&t=8431
https://www.htbridge.com/advisory/HTB23079
http://pkp.sfu.ca/ojs/RELEASE-2.3.7
http://pkp.sfu.ca/support/forum/viewtopic.php?f=2&t=8431
https://www.htbridge.com/advisory/HTB23079