Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

blackboard blackboard academic suite vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv2
CVE-2005-4337
The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions prior to 6 allows remote malicious users to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in...
Blackboard Academic SuiteBlackboard Academic Suite 6.2.3.23Blackboard Academic Suite 6.3.1.424
10
CVSSv2
CVE-2005-4338
announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions prior to 6 allows remote malicious users to gain administrator privileges by setting the context parameter to "admin".
Blackboard Academic SuiteBlackboard Academic Suite 6.2.3.23Blackboard Academic Suite 6.3.1.424
4.3
CVSSv2
CVE-2005-4339
Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions prior to 6 allows remote malicious users to inject arbitrary web script or HTML via the context parameter to announcement.pl, whic...
Blackboard Academic Suite 6.2.3.23Blackboard Academic Suite 6.3.1.424Blackboard Academic Suite
4
CVSSv2
CVE-2005-4206
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions prior to 6 allows remote malicious users to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a...
Blackboard Academic Suite 6.2.3.23Blackboard Academic Suite 6.3.1.424Blackboard Academic Suite
5
CVSSv2
CVE-2005-4341
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions prior to 6 allows remote malicious users to list all available categories via a blank category_id parameter to category.pl. NOTE: it is not clear whether this information is ...
Blackboard Academic SuiteBlackboard Academic Suite 6.3.1.424Blackboard Academic Suite 6.2.3.23
6.8
CVSSv2
CVE-2008-1883
The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote malicious users to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrar...
Blackboard Blackboard Academic Suite
6
CVSSv2
CVE-2006-3914
Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side val...
Blackboard Blackboard Academic Suite 6.2.3.23
4.3
CVSSv2
CVE-2008-3421
Multiple cross-site request forgery (CSRF) vulnerabilities in Blackboard Academic Suite 8.0.260.7 allow remote malicious users to hijack the authentication of student users for requests that change configuration and enrollments via unspecified input to (1) update_module.jsp, (2) ...
Blackboard Blackboard Academic Suite 8.0.260.7
4.3
CVSSv2
CVE-2006-0511
Blackboard Academic Suite 6.0 and previous versions does not properly clear session information when de-authenticating a user who is idle, which allows subsequent users to log in as the previous user and gain privileges. NOTE: the vendor has disputed this issue, saying that "...
Blackboard Blackboard 5.0.2Blackboard Blackboard 6.0Blackboard Blackboard 5.5Blackboard Blackboard 5.5.1Blackboard Blackboard 5.0Blackboard Blackboard Academic Suite 6.0
4.3
CVSSv2
CVE-2008-1795
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Academic Suite 7.x and previous versions, and possibly some 8.0 versions, allow remote malicious users to inject arbitrary web script or HTML via (1) the searchText parameter in a Course action to webapps/blackboar...
Blackboard Academic Suite
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXECVE-2024-34490SQL injectionCVE-2024-34488CVE-2024-4507CVE-2023-7028CVE-2024-23187TCPCVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook