15 matches found
CVE-2022-31478
The UserTakeOver plugin before 4.0.1 for ILIAS allows an attacker to list all users via the search function...
EUVD-2008-5786
Malware in sbrugna...
CVE-2023-36487
The password reset function in ILIAS 7.0beta1 through 7.20 and 8.0beta1 through 8.1 allows remote attackers to take over the account...
CVE-2023-36488
ILIAS 7.21 and 8.0beta1 through 8.2 is vulnerable to stored Cross Site Scripting XSS...
ILIAS Security Vulnerabilities
ILIAS is an open source learning management system. A security vulnerability exists in ILIAS version 7.25 that stems from allowing an attacker to conduct a high-impact directory traversal attack, which could result in a complete loss of confidentiality, exposure of sensitive resources, and denial...
CVE-2022-45916
ILIAS before 7.16 allows XSS...
CVE-2022-45915
ILIAS before 7.16 allows OS Command Injection...
CVE-2022-45918
ILIAS before 7.16 allows External Control of File Name or Path...
Open redirect
ILIAS before 7.16 has an Open Redirect...
CVE-2020-25268
Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data...
CVE-2019-1010237
Ilias 5.3 before 5.3.12; 5.2 before 5.2.21 is affected by: Cross Site Scripting XSS - CWE-79 Type 2: Stored XSS or Persistent. The impact is: Execute code in the victim's browser. The component is: Assessment / TestQuestionPool. The attack vector is: Cloze Test Text gap attacker / Corrections vie...
CVE-2018-10428
ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due to inconsistencies in parameter handling, is vulnerable to various instances of reflected cross-site-scripting...
CVE-2018-5688
ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component...
Design/Logic Flaw
ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component...
CVE-2017-7583
ILIAS before 5.2.3 has XSS via SVG documents...