35 matches found
EUVD-2005-4336
Malware in sbrugna...
EUVD-2005-4332
Malware in sbrugna...
EUVD-2005-4334
Malware in sbrugna...
EUVD-2007-5207
Malware in sbrugna...
EUVD-2006-4296
Malware in sbrugna...
CVE-2005-4338
announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to gain administrator privileges by setting the context parameter to "admin"...
CVE-2005-4339
Cross-site scripting XSS vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the...
CVE-2005-4341
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to list all available categories via a blank categoryid parameter to category.pl. NOTE: it is not clear whether this information is sensitive or not, so this...
CVE-2005-4337
The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified userid parameter and a "/" in the encodedpw parameter...
Blackboard Learning System 5.x/6.0 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10101/info Blackboard Learning System has been reported prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly validate user supplied URI input. The first...
Blackboard Learning System 6.0 Dropbox File Download Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10515/info It is reported that Blackboard improperly allows users to download files posted in the 'Digital Dropbox'. Files in the dropbox are intended for the course administrators. The application does not verify that th...
Blackboard Learning System <= 8.0 SP6 Unspecified XSS
According to its version number, the Blackboard Learning System, now known as Blackboard Learn, install hosted on the remote web server is affected by an unspecified cross-site scripting vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's...
Blackboard Vista/CE vulnerable to cross-site scripting
Overview Blackboard Vista/CE is a learning management system LMS. Blackboard Vista/CE contains a cross-site scripting vulnerability. ICHIHARA Ryohei of SERAKU Co.,Ltd. reported this vulnerability to the developer. JPCERT/CC coordinated with the developer under Information Security Early Warning...
CVE-2007-5227
Multiple cross-site scripting XSS vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the 1 subjectt and 2 bodytext parameters. NOTE: vector 2...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the 1 subjectt and 2 bodytext parameters. NOTE: vector 2...
CVE-2007-5227
Affected software: Blackboard Learning System 6.3.1.593 and earlier Blackboard Academic Suite. Vulnerability: cross-site scripting in messaging/course/composeMessage.jsp; exploitable via the subject_t and body_text parameters (vector 2 bypasses a client-side filter). Impact: allows remote attacke...
CVE-2006-4308
CVE-2006-4308 describes multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4. The issue allows remote attackers to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscr...
CVE-2005-4337
The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified userid parameter and a "/" in the encodedpw parameter...
CVE-2005-4339
Cross-site scripting XSS vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the...
CVE-2005-4338
The CVE-2005-4338 entry affects Blackboard Learning and Community Portal System (Academic Suite) versions 6.3.1.424, 6.2.3.23, and earlier 6.x. The vulnerability, as described in multiple feeds, allows remote attackers to gain administrator privileges by setting the context parameter to "admin". ...