Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ilias ilias vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-5816
SQL injection vulnerability in repository.php in ILIAS 3.7.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ref_id parameter.
Ilias Ilias 3.7.2
Ilias Ilias 3.7.1
Ilias Ilias 3.7.0
Ilias Ilias
Ilias Ilias 3.7.3
1 EDB exploit
4.3
CVSSv2
CVE-2007-5806
Cross-site scripting (XSS) vulnerability in Services/Utilities/classes/class.ilUtil.php in ILIAS 3.8.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via attributes inside a domain-name string in the (1) mailing or (2) forum component, ...
Ilias Ilias 3.8.2
Ilias Ilias
Ilias Ilias 3.8
Ilias Ilias 3.8.1
NA
CVE-2023-36484
ILIAS 7.21 and 8.0_beta1 up to and including 8.2 is vulnerable to reflected Cross-Site Scripting (XSS).
Ilias Ilias
Ilias Ilias 7.21
Ilias Ilias 8.0
4.3
CVSSv2
CVE-2018-11117
Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS via a link attribute.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
4.3
CVSSv2
CVE-2018-11118
The RSS subsystem in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS via a URI to Services/Feeds/classes/class.ilExternalFeedItem.php.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
5.8
CVSSv2
CVE-2018-11119
ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 redirects a logged-in user to a third-party site via the return_to_url parameter.
Ilias Ilias
Ilias Ilias 5.2.0
Ilias Ilias 5.1.0
4.3
CVSSv2
CVE-2018-11120
Services/COPage/classes/class.ilPCSourceCode.php in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
NA
CVE-2023-36488
ILIAS 7.21 and 8.0_beta1 up to and including 8.2 is vulnerable to stored Cross Site Scripting (XSS).
Ilias Ilias
Ilias Ilias 7.21
4.3
CVSSv2
CVE-2018-5688
ILIAS prior to 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.
Ilias Ilias
1 EDB exploit
4.3
CVSSv2
CVE-2018-10306
Services/Form/classes/class.ilDateDurationInputGUI.php and Services/Form/classes/class.ilDateTimeInputGUI.php in ILIAS 5.1.x up to and including 5.3.x prior to 5.3.4 allow XSS via an invalid date.
Ilias Ilias
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »