PT-2025-40941

Name of the Vulnerable Software and Affected Versions ILIAS versions 8.23, 9.13, and 10.1 Description A flaw exists in ILIAS related to the Certificate Import Handler component. This issue allows for Remote Code Execution, potentially triggered remotely. Recommendations Upgrade to version 8.24...

The vulnerability of the ILIAS learning management system and support process, which stems from insufficient validation of input data, allows a perpetrator to execute arbitrary system commands on the application server.

The vulnerability of the ILIAS learning management and support system exists due to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary system commands on the application server using a specially crafted file...

ILIAS cross-site scripting vulnerability (CNVD-2018-10487)

ILIAS is a Web-based learning management system developed by the ILIAS team. The system contains modules for course management, file sharing, and live chat. A cross-site scripting vulnerability exists in ILIAS versions prior to 5.1.26, 5.2.x prior to 5.2.15 and 5.3.x prior to 5.3.4. A remote...