Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not ".php", then accessing it via a direct request to the file in submission/original/ in the associated article directory, as demonstrated using .pHp, .asp, and other extensions.
AV:N/AC:M/Au:S/C:P/I:P/A:PPkp Open Journal Systems
APPPkp≤ 2.3.6
Related vulnerabilities
Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems b...
Multiple cross-site scripting (XSS) vulnerabilities in Open Journal Systems before 2.3.7 allow remote attacker...
Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.