Cross-Site Request Forgery Vulnerability in Public Knowledge Project Open Harvester Systems
CVE-2011-5197

Currently unrated

Key Information:

Vendor: Public Knowledge Project
Status: Open Harvester Systems
Vendor: CVE Published:; 23 September 2012

🔔 Create Public Knowledge Project Vulnerability Alert

What is CVE-2011-5197?

A CSRF vulnerability exists in the upload functionality found in the index/manager/fileUpload endpoint of Public Knowledge Project Open Harvester Systems versions 2.3.1 and earlier. This flaw allows attackers to exploit authenticated administrators' sessions, enabling them to send unauthorized requests that can result in the uploading of malicious PHP files. By leveraging this vulnerability, an attacker can effectively hijack administrator privileges without needing direct access to their credentials, posing a significant risk to the integrity and security of the platform.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.exploit-db.com/exploits/18266

exploitx_refsource_EXPLOIT-DB

Timeline

Vulnerability published
Sep 23, 2012
Vulnerability Reserved
Sep 23, 2012

JSON

Public Knowledge Project

What is CVE-2011-5197?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.