Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blackboard vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-0511
Blackboard Academic Suite 6.0 and previous versions does not properly clear session information when de-authenticating a user who is idle, which allows subsequent users to log in as the previous user and gain privileges. NOTE: the vendor has disputed this issue, saying that "...
Blackboard Blackboard 5.0.2
Blackboard Blackboard 6.0
Blackboard Blackboard 5.5
Blackboard Blackboard 5.5.1
Blackboard Blackboard 5.0
Blackboard Blackboard Academic Suite 6.0
3.5
CVSSv2
CVE-2020-9008
Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor.
Blackboard Blackboard Learn
Blackboard Blackboard Learn 9.1
5.8
CVSSv2
CVE-2017-18262
Blackboard Learn (Since at least 17th of October 2017) has allowed Unvalidated Redirects on any signed-in user through its endpoints for handling Shibboleth logins, as demonstrated by a webapps/bb-auth-provider-shibboleth-BBLEARN/execute/shibbolethLogin?returnUrl= URI.
Blackboard Blackboard Learn 9.1
Blackboard Blackboard Learn
4.3
CVSSv2
CVE-2006-4308
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote malicious users to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) ...
Blackboard Vista 4
Blackboard Blackboard 6.0
Blackboard Blackboard Learning And Community Portal Suite 6.0
Blackboard Blackboard Learning And Community Portal Suite 6.2.3.23
1 EDB exploit
7.5
CVSSv2
CVE-2002-1007
Cross-site scripting vulnerabilities in Blackboard 5 allow remote malicious users to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi.
Blackboard Blackboard 5.0
1 EDB exploit
3.5
CVSSv2
CVE-2021-36746
Blackboard Learn up to and including 9.1 allows XSS by an authenticated user via the Assignment Instructions HTML editor.
Blackboard Blackboard Learn
3.5
CVSSv2
CVE-2021-36747
Blackboard Learn up to and including 9.1 allows XSS by an authenticated user via the Feedback to Learner form.
Blackboard Blackboard Learn
1 Github repository
5
CVSSv2
CVE-2004-1581
BlackBoard 1.5.1 allows remote malicious users to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message.
Blackboard Blackboard 1.5.1
NA
CVE-2022-39196
Blackboard Learn 1.10.1 allows remote authenticated users to read unintended files by entering student credentials and then directly visiting a certain webapps/bbcms/execute/ URL.
Blackboard Blackboard Learn 1.10.1
1 Github repository
6.8
CVSSv2
CVE-2008-1883
The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote malicious users to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrar...
Blackboard Blackboard Academic Suite
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »