Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ilias ilias vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5816
SQL injection vulnerability in repository.php in ILIAS 3.7.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ref_id parameter.
Ilias Ilias 3.7.2
Ilias Ilias 3.7.1
Ilias Ilias 3.7.0
Ilias Ilias
Ilias Ilias 3.7.3
1 EDB exploit
NA
CVE-2007-5806
Cross-site scripting (XSS) vulnerability in Services/Utilities/classes/class.ilUtil.php in ILIAS 3.8.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via attributes inside a domain-name string in the (1) mailing or (2) forum component, ...
Ilias Ilias 3.8.2
Ilias Ilias
Ilias Ilias 3.8
Ilias Ilias 3.8.1
6.1
CVSSv3
CVE-2018-11117
Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS via a link attribute.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
6.1
CVSSv3
CVE-2018-11119
ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 redirects a logged-in user to a third-party site via the return_to_url parameter.
Ilias Ilias
Ilias Ilias 5.2.0
Ilias Ilias 5.1.0
6.1
CVSSv3
CVE-2023-36484
ILIAS 7.21 and 8.0_beta1 up to and including 8.2 is vulnerable to reflected Cross-Site Scripting (XSS).
Ilias Ilias
Ilias Ilias 7.21
Ilias Ilias 8.0
6.1
CVSSv3
CVE-2018-11118
The RSS subsystem in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS via a URI to Services/Feeds/classes/class.ilExternalFeedItem.php.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
6.1
CVSSv3
CVE-2018-11120
Services/COPage/classes/class.ilPCSourceCode.php in ILIAS 5.1.x, 5.2.x, and 5.3.x prior to 5.3.5 has XSS.
Ilias Ilias
Ilias Ilias 5.1.0
Ilias Ilias 5.2.0
5.4
CVSSv3
CVE-2023-36488
ILIAS 7.21 and 8.0_beta1 up to and including 8.2 is vulnerable to stored Cross Site Scripting (XSS).
Ilias Ilias
Ilias Ilias 7.21
5.4
CVSSv3
CVE-2017-15538
Stored XSS vulnerability in the Media Objects component of ILIAS prior to 5.1.21 and 5.2.x prior to 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.ph...
Ilias Ilias
8.8
CVSSv3
CVE-2020-23996
A local file inclusion vulnerability in ILIAS prior to 5.3.19, 5.4.10 and 6.0 allows remote authenticated malicious users to execute arbitrary code via the import of personal data.
Ilias Ilias
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »