Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ilias vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2014-2089
ILIAS 4.4.1 allows remote malicious users to execute arbitrary PHP code via an e-mail attachment that leads to creation of a .php file with a certain client_id pathname.
Ilias Ilias 4.4.1
1 EDB exploit
4.3
CVSSv2
CVE-2018-10665
ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, related to shib_logout.php and third-party demo files.
Ilias Ilias 5.3.4
6.5
CVSSv2
CVE-2014-2088
Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 allows remote authenticated users to execute arbitrary PHP code by using a .php filename in an upload_files action to the uploadFiles command, and then accessing the .php file via a direct request to a certain cli...
Ilias Ilias 4.4.1
1 EDB exploit
3.5
CVSSv2
CVE-2014-2090
Multiple cross-site scripting (XSS) vulnerabilities in ilias.php in ILIAS 4.4.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tar, (2) tar_val, or (3) title parameter.
Ilias Ilias 4.4.1
1 EDB exploit
4
CVSSv2
CVE-2022-31478
The UserTakeOver plugin prior to 4.0.1 for ILIAS allows an malicious user to list all users via the search function.
Sr.solutions Usertakeover
6.8
CVSSv2
CVE-2021-21197
Heap buffer overflow in TabStrip in Google Chrome before 89.0.4389.114 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
4.3
CVSSv2
CVE-2021-21183
Inappropriate implementation in performance APIs in Google Chrome before 89.0.4389.72 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2021-21184
Inappropriate implementation in performance APIs in Google Chrome before 89.0.4389.72 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2021-21185
Insufficient policy enforcement in extensions in Google Chrome before 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2021-21186
Insufficient policy enforcement in QR scanning in Google Chrome on iOS before 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »