CVE-2025-11345
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
EUVD-2025-32586
A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation of the argument fsettings leads to deserialization. It is possible to launch the attack remotely. Upgrading to version 8.24, 9.14 and 10....
EUVD-2025-32587
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11344
A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed remotely. Upgrading to version 8.24, 9.14 and 10.2...
CVE-2025-11345
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11344
A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed remotely. Upgrading to version 8.24, 9.14 and 10.2...
CVE-2025-11345 ILIAS Test Import unserialize deserialization
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11345
CVE-2025-11345 affects ILIAS up to versions 8.23, 9.13, and 10.1, where the unserialize function in the Test Import component is vulnerable to deserialization, enabling a remote attack. The issue stems from improper handling of deserialization within Test Import, with remote initiation possible. ...
CVE-2025-11345 ILIAS Test Import unserialize deserialization
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes deserialization. It is possible to initiate the attack remotely. Upgrading to version 8.24, 9.14 and 10.2 can resolve this issue. Upgradin...
CVE-2025-11344
CVE-2025-11344 affects the ILIAS open-source learning platform in versions up to 8.23, 9.13, and 10.1. The vulnerability involves an unknown function within the Certificate Import Handler that can be manipulated to achieve Remote Code Execution. Exploitation may be possible remotely. A fix is pu...
PT-2025-40942
Name of the Vulnerable Software and Affected Versions: ILIAS versions up to 8.23; ILIAS versions up to 9.13; ILIAS versions up to 10.1 Description: A flaw exists due to deserialization in the unserialize function of the Test Import component. This manipulation can be initiated remotely. Recommendatio...
CVE-2025-5139
A vulnerability was found in Qualitor 8.20/8.24. It has been rated as critical. Affected by this issue is some unknown functionality of the file /html/ad/adconexaooffice365/request/testaConexaoOffice365.php of the component Office 365-type Connection Handler. The manipulation of the argument...
CVE-2024-48359
Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter...
PT-2024-33091 · Qualitor · Qualitor
Name of the Vulnerable Software and Affected Versions: Qualitor versions 8.24 and below Description: The issue is an unauthenticated Server-Side Request Forgery (SSRF) in the component /request/viewValidacao.php. Recommendation...
PT-2024-33089 · Qualitor · Qualitor
Name of the Vulnerable Software and Affected Versions: Qualitor version 8.24 Description: The issue is a remote code execution (RCE) vulnerability. It can be exploited via the gridValoresPopHidden parameter. Recommendations: For Qualitor version 8.24, avoid using the gridValoresPopHidden parameter...
CVE-2024-44849
Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php...
CVE-2020-13476
The CVE-2020-13476 entry describes a Reflected XSS in the Quotes List module of NCH Express Invoice versions 8.06–8.24. Affected software is the NCH Express Invoice product (Invoice software). According to the NVD entry, the vulnerability is network-accessible with MEDIUM overall risk (CVSS v3.1 ...
NCH Express Invoice Cross-Site Scripting Vulnerability
NCH Express Invoice is invoice software that allows you to create print-ready invoices that can be emailed or faxed to your customers for faster payment. A reflected cross-site scripting vulnerability exists in the Quotes List module in NCH Express Invoice 8.06-8.24. No detailed vulnerability...
NCH Express Accounts Security Vulnerability
NCH Express Accounts Accounting is a business accounting software. The software includes features such as financial income and expense management, financial analysis and reporting. A security vulnerability exists in NCH Express Accounts version 8.24 and prior versions that allows local users to...