CVE-2024-56525 | pkp OJS/OMP/OPS prior 3.3.0.21/3.4.0.8 User XML Plugin backdoor

Inserito da Angelo Barbosa | Feb 25, 2025 | CVE

A vulnerability, which was classified as critical, was found in pkp OJS, OMP and OPS. Affected is an unknown function of the component User XML Plugin Handler. The manipulation leads to backdoor.

This vulnerability is traded as CVE-2024-56525. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-56525 | pkp OJS/OMP/OPS prior 3.3.0.21/3.4.0.8 User XML Plugin backdoor

Post correlati

CVE-2024-26764 | Linux Kernel up to 6.7.6 aio kiocb_set_cancel_fn Privilege Escalation

CVE-2025-1185 | pihome-shc PiHome 2.0 ajax.php?Ajax=GetModal_Sensor_Graph sql injection

CVE-2024-2723 | Ciges CIGESv2 ajaxSubServicios.php idServicio sql injection

CVE-2024-2811 | Tenda AC15 15.03.20_multi /goform/WifiWpsStart formWifiWpsStart index stack-based overflow