Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.10 views

CVE-2023-45868

The Learning Module in ILIAS 7.25 2023-09-12 release allows an attacker with basic user privileges to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside...

8.1CVSS6.7AI score0.01116EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:25 a.m.10 views

CVE-2023-45869

ILIAS 7.25 2023-09-12 allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec function in the execQuoted method of the ilUtil class...

9CVSS6.6AI score0.00765EPSS
Exploits1References1
NVD
NVD
added 2023/10/26 3:15 p.m.12 views

CVE-2023-45869

ILIAS 7.25 2023-09-12 allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec function in the execQuoted method of the ilUtil class...

9CVSS9AI score0.00765EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/10/26 3:15 p.m.24 views

CVE-2023-45868

The Learning Module in ILIAS 7.25 2023-09-12 release allows an attacker with basic user privileges to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside...

8.1CVSS5.8AI score0.01116EPSS
Exploits2References3
NVD
NVD
added 2023/10/26 3:15 p.m.24 views

CVE-2023-45868

The Learning Module in ILIAS 7.25 2023-09-12 release allows an attacker with basic user privileges to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside...

8.1CVSS7.9AI score0.01116EPSS
Exploits1References2
Prion
Prion
added 2023/10/26 3:15 p.m.23 views

Cross site scripting

ILIAS 7.25 2023-09-12 allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec function in the execQuoted method of the ilUtil class...

6CVSS8.8AI score0.00765EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/10/26 12:0 a.m.73 views

CVE-2023-45869

ILIAS 7.25 2023-09-12 allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec function in the execQuoted method of the ilUtil class...

9CVSS6.7AI score0.00765EPSS
Exploits1References4
OSV
OSV
added 2023/10/26 12:0 a.m.30 views

CVE-2023-45868

The Learning Module in ILIAS 7.25 2023-09-12 release allows an attacker with basic user privileges to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside...

8.1CVSS6.9AI score0.01116EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/10/26 12:0 a.m.29 views

CVE-2023-45868

The Learning Module in ILIAS 7.25 2023-09-12 release allows an attacker with basic user privileges to achieve a high-impact Directory Traversal attack on confidentiality and availability. By exploiting this network-based vulnerability, the attacker can move specified directories, normally outside...

8.1AI score0.01116EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/10/26 12:0 a.m.23 views

CVE-2023-45869

ILIAS 7.25 2023-09-12 allows any authenticated user to execute arbitrary operating system commands remotely, when a highly privileged account accesses an XSS payload. The injected commands are executed via the exec function in the execQuoted method of the ilUtil class...

9CVSS6.8AI score0.00765EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/10/13 12:0 a.m.5 views

PT-2023-6722 · Ilias · Ilias

Name of the Vulnerable Software and Affected Versions: ILIAS version 7.25 Description: The issue exists due to incorrect restriction of the path name to a directory with limited access in the Learning Module component of the ILIAS learning management system. Exploitation of this issue may allow a...

8.5CVSS6.6AI score0.01116EPSS
Exploits2References11
Rows per page
Query Builder