Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ilias vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-10307
error.php in ILIAS 5.2.x up to and including 5.3.x prior to 5.3.4 allows XSS via the text of a PDO exception.
Ilias Ilias
6.5
CVSSv3
CVE-2020-23995
An information disclosure vulnerability in ILIAS prior to 5.3.19, 5.4.12 and 6.0 allows remote authenticated malicious users to get the upload data path via a workspace upload.
Ilias Ilias
8.8
CVSSv3
CVE-2020-23996
A local file inclusion vulnerability in ILIAS prior to 5.3.19, 5.4.10 and 6.0 allows remote authenticated malicious users to execute arbitrary code via the import of personal data.
Ilias Ilias
6.1
CVSSv3
CVE-2017-7583
ILIAS prior to 5.2.3 has XSS via SVG documents.
Ilias Ilias
6.1
CVSSv3
CVE-2019-1010237
Ilias 5.3 prior to 5.3.12; 5.2 prior to 5.2.21 is affected by: Cross Site Scripting (XSS) - CWE-79 Type 2: Stored XSS (or Persistent). The impact is: Execute code in the victim's browser. The component is: Assessment / TestQuestionPool. The attack vector is: Cloze Test Text ...
Ilias Ilias
6.1
CVSSv3
CVE-2018-10665
ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, related to shib_logout.php and third-party demo files.
Ilias Ilias 5.3.4
NA
CVE-2014-2088
Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 allows remote authenticated users to execute arbitrary PHP code by using a .php filename in an upload_files action to the uploadFiles command, and then accessing the .php file via a direct request to a certain cli...
Ilias Ilias 4.4.1
1 EDB exploit
5.4
CVSSv3
CVE-2020-25267
An XSS issue exists in the question-pool file-upload preview feature in ILIAS 6.4.
Ilias Ilias 6.4.0
6.5
CVSSv3
CVE-2023-45867
ILIAS (2013-09-12 release) contains a medium-criticality Directory Traversal local file inclusion vulnerability in the ScormAicc module. An attacker with a privileged account, typically holding the tutor role, can exploit this to gain unauthorized access to and potentially retrie...
Ilias Ilias 7.25
8.1
CVSSv3
CVE-2023-45868
The Learning Module in ILIAS 7.25 (2023-09-12 release) allows an attacker (with basic user privileges) to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified director...
Ilias Ilias 7.25
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »