Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ilias ilias vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-1010237
Ilias 5.3 prior to 5.3.12; 5.2 prior to 5.2.21 is affected by: Cross Site Scripting (XSS) - CWE-79 Type 2: Stored XSS (or Persistent). The impact is: Execute code in the victim's browser. The component is: Assessment / TestQuestionPool. The attack vector is: Cloze Test Text ...
Ilias Ilias
8.8
CVSSv3
CVE-2022-45915
ILIAS prior to 7.16 allows OS Command Injection.
Ilias Ilias
5.4
CVSSv3
CVE-2022-45916
ILIAS prior to 7.16 allows XSS.
Ilias Ilias
6.1
CVSSv3
CVE-2022-45917
ILIAS prior to 7.16 has an Open Redirect.
Ilias Ilias
6.5
CVSSv3
CVE-2022-45918
ILIAS prior to 7.16 allows External Control of File Name or Path.
Ilias Ilias
6.5
CVSSv3
CVE-2023-45867
ILIAS (2013-09-12 release) contains a medium-criticality Directory Traversal local file inclusion vulnerability in the ScormAicc module. An attacker with a privileged account, typically holding the tutor role, can exploit this to gain unauthorized access to and potentially retrie...
Ilias Ilias 7.25
8.1
CVSSv3
CVE-2023-45868
The Learning Module in ILIAS 7.25 (2023-09-12 release) allows an attacker (with basic user privileges) to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified director...
Ilias Ilias 7.25
9
CVSSv3
CVE-2023-45869
ILIAS 7.25 (2023-09-12) allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec() function in the execQuoted() method of the ilUtil class (/Ser...
Ilias Ilias 7.25
6.1
CVSSv3
CVE-2018-10665
ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, related to shib_logout.php and third-party demo files.
Ilias Ilias 5.3.4
8.8
CVSSv3
CVE-2020-25268
Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data.
Ilias Ilias 6.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »