5 matches found
EUVD-2024-31264
Malicious code in bioql PyPI...
CVE-2024-33529
ILIAS 7 before 7.30 and ILIAS 8 before 8.11 as well as ILIAS 9.0 allow remote authenticated attackers with administrative privileges to execute operating system commands via file uploads with dangerous types...
CVE-2024-33526
A Stored Cross-site Scripting XSS vulnerability in the "Import of user role and title of user role" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload...
Design/Logic Flaw
The password reset function in ILIAS 7.0beta1 through 7.20 and 8.0beta1 through 8.1 allows remote attackers to take over the account...
CVE-2024-33526
A Stored Cross-site Scripting XSS vulnerability in the "Import of user role and title of user role" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload...