Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ilias ilias vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-5816
SQL injection vulnerability in repository.php in ILIAS 3.7.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ref_id parameter.
Ilias Ilias 3.7.2
Ilias Ilias 3.7.1
Ilias Ilias 3.7.0
Ilias Ilias
Ilias Ilias 3.7.3
1 EDB exploit
383
VMScore
CVE-2007-5806
Cross-site scripting (XSS) vulnerability in Services/Utilities/classes/class.ilUtil.php in ILIAS 3.8.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via attributes inside a domain-name string in the (1) mailing or (2) forum component, ...
Ilias Ilias 3.8.2
Ilias Ilias
Ilias Ilias 3.8
Ilias Ilias 3.8.1
NA
CVE-2023-36484
ILIAS 7.21 and 8.0_beta1 up to and including 8.2 is vulnerable to reflected Cross-Site Scripting (XSS).
Ilias Ilias
Ilias Ilias 7.21
Ilias Ilias 8.0
383
VMScore
CVE-2018-11117
Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS via a link attribute.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
383
VMScore
CVE-2018-11118
The RSS subsystem in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS via a URI to Services/Feeds/classes/class.ilExternalFeedItem.php.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
516
VMScore
CVE-2018-11119
ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 redirects a logged-in user to a third-party site via the return_to_url parameter.
Ilias Ilias
Ilias Ilias 5.2.0
Ilias Ilias 5.1.0
383
VMScore
CVE-2018-11120
Services/COPage/classes/class.ilPCSourceCode.php in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
NA
CVE-2023-36488
ILIAS 7.21 and 8.0_beta1 up to and including 8.2 is vulnerable to stored Cross Site Scripting (XSS).
Ilias Ilias
Ilias Ilias 7.21
435
VMScore
CVE-2018-5688
ILIAS prior to 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.
Ilias Ilias
1 EDB exploit
383
VMScore
CVE-2018-10306
Services/Form/classes/class.ilDateDurationInputGUI.php and Services/Form/classes/class.ilDateTimeInputGUI.php in ILIAS 5.1.x up to and including 5.3.x prior to 5.3.4 allow XSS via an invalid date.
Ilias Ilias
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »