Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ilias ilias vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-5816
SQL injection vulnerability in repository.php in ILIAS 3.7.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ref_id parameter.
Ilias Ilias 3.7.2
Ilias Ilias 3.7.1
Ilias Ilias 3.7.0
Ilias Ilias
Ilias Ilias 3.7.3
1 EDB exploit
383
VMScore
CVE-2007-5806
Cross-site scripting (XSS) vulnerability in Services/Utilities/classes/class.ilUtil.php in ILIAS 3.8.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via attributes inside a domain-name string in the (1) mailing or (2) forum component, ...
Ilias Ilias 3.8.2
Ilias Ilias
Ilias Ilias 3.8
Ilias Ilias 3.8.1
NA
CVE-2023-36484
ILIAS 7.21 and 8.0_beta1 up to and including 8.2 is vulnerable to reflected Cross-Site Scripting (XSS).
Ilias Ilias
Ilias Ilias 7.21
Ilias Ilias 8.0
383
VMScore
CVE-2018-11117
Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS via a link attribute.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
383
VMScore
CVE-2018-11118
The RSS subsystem in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS via a URI to Services/Feeds/classes/class.ilExternalFeedItem.php.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
516
VMScore
CVE-2018-11119
ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 redirects a logged-in user to a third-party site via the return_to_url parameter.
Ilias Ilias
Ilias Ilias 5.2.0
Ilias Ilias 5.1.0
383
VMScore
CVE-2018-11120
Services/COPage/classes/class.ilPCSourceCode.php in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
NA
CVE-2023-36488
ILIAS 7.21 and 8.0_beta1 up to and including 8.2 is vulnerable to stored Cross Site Scripting (XSS).
Ilias Ilias
Ilias Ilias 7.21
356
VMScore
CVE-2020-23995
An information disclosure vulnerability in ILIAS prior to 5.3.19, 5.4.12 and 6.0 allows remote authenticated malicious users to get the upload data path via a workspace upload.
Ilias Ilias
NA
CVE-2022-45918
ILIAS prior to 7.16 allows External Control of File Name or Path.
Ilias Ilias
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »