Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ilias vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-10306
Services/Form/classes/class.ilDateDurationInputGUI.php and Services/Form/classes/class.ilDateTimeInputGUI.php in ILIAS 5.1.x up to and including 5.3.x prior to 5.3.4 allow XSS via an invalid date.
Ilias Ilias
435
VMScore
CVE-2018-5688
ILIAS prior to 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.
Ilias Ilias
1 EDB exploit
383
VMScore
CVE-2018-10307
error.php in ILIAS 5.2.x up to and including 5.3.x prior to 5.3.4 allows XSS via the text of a PDO exception.
Ilias Ilias
383
VMScore
CVE-2018-10428
ILIAS prior to 5.1.26, 5.2.x prior to 5.2.15, and 5.3.x prior to 5.3.4, due to inconsistencies in parameter handling, is vulnerable to various instances of reflected cross-site-scripting.
Ilias Ilias
NA
CVE-2022-45917
ILIAS prior to 7.16 has an Open Redirect.
Ilias Ilias
NA
CVE-2023-45867
ILIAS (2013-09-12 release) contains a medium-criticality Directory Traversal local file inclusion vulnerability in the ScormAicc module. An attacker with a privileged account, typically holding the tutor role, can exploit this to gain unauthorized access to and potentially retrie...
Ilias Ilias 7.25
NA
CVE-2023-45868
The Learning Module in ILIAS 7.25 (2023-09-12 release) allows an attacker (with basic user privileges) to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified director...
Ilias Ilias 7.25
NA
CVE-2023-45869
ILIAS 7.25 (2023-09-12) allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec() function in the execQuoted() method of the ilUtil class (/Ser...
Ilias Ilias 7.25
312
VMScore
CVE-2020-25267
An XSS issue exists in the question-pool file-upload preview feature in ILIAS 6.4.
Ilias Ilias 6.4.0
578
VMScore
CVE-2020-25268
Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data.
Ilias Ilias 6.4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »