Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2022-45918 | BDSA-2022-3513 | Low | Dec 07, 2022 | ILIAS before 7.16 allows External Control of File Name or Path. |
0.7.0, 4.4.6, 4.4.4, 4.4.7, 4.3.9, 4.4.5, 5.0.0, 4.3.10, 4.2.10, 4.3.8
|
CVE-2022-45917 | BDSA-2022-3512 | Low | Dec 07, 2022 | ILIAS before 7.16 has an Open Redirect. |
0.7.0, 4.4.6, 4.4.4, 4.4.7, 4.3.9, 4.4.5, 5.0.0, 4.3.10, 4.2.10, 4.3.8
|
CVE-2022-45916 | BDSA-2022-3508 | Low | Dec 07, 2022 | ILIAS before 7.16 allows XSS. |
0.7.0, 4.4.6, 4.4.4, 4.4.7, 4.3.9, 4.4.5, 5.0.0, 4.3.10, 4.2.10, 4.3.8
|
CVE-2022-45915 | BDSA-2022-3502 | Low | Dec 07, 2022 | ILIAS before 7.16 allows OS Command Injection. |
0.7.0, 4.4.6, 4.4.4, 4.4.7, 4.3.9, 4.4.5, 5.0.0, 4.3.10, 4.2.10, 4.3.8
|
CVE-2022-31266 | BDSA-2022-1781 | High | Jun 29, 2022 | In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page) allows remote attackers to take over accounts. |
0.7.0, 4.4.6, 4.4.4, 4.4.7, 4.3.9, 4.4.5, 5.0.0, 4.3.10, 4.2.10, 4.3.8
|
CVE-2020-23996 | BDSA-2020-4408 | Medium | May 13, 2021 | A local file inclusion vulnerability in ILIAS before 5.3.19, 5.4.10 and 6.0 allows remote authenticated attackers to execute arbitrary code via the imp more... |
0.7.0, 4.4.6, 4.4.4, 4.4.7, 4.3.9, 4.4.5, 5.0.0, 4.3.10, 4.2.10, 4.3.8
|
CVE-2020-23995 | BDSA-2021-1358 | Medium | May 13, 2021 | An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote authenticated attackers to get the upload data path via a more... |
0.7.0, 4.4.6, 4.4.4, 4.4.7, 4.3.9, 4.4.5, 5.0.0, 4.3.10, 4.2.10, 4.3.8
|
CVE-2018-5688 | BDSA-2018-0059 | Medium | Jan 14, 2018 | ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component. |
0.7.0, 4.4.6, 4.4.4, 4.4.7, 4.3.9, 4.4.5, 5.0.0, 4.3.10, 4.2.10, 4.3.8
|
CVE-2018-10428 | BDSA-2018-1567 | Medium | May 23, 2018 | ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due to inconsistencies in parameter handling, is vulnerable to various instances of r more... |
0.7.0, 4.4.6, 4.4.4, 4.4.7, 4.3.9, 4.4.5, 5.0.0, 4.3.10, 4.2.10, 4.3.8
|
CVE-2017-7583 | Medium | Apr 07, 2017 | ILIAS before 5.2.3 has XSS via SVG documents. |
0.7.0, 4.4.6, 4.4.4, 4.4.7, 4.3.9, 4.4.5, 5.0.0, 4.3.10, 4.2.10, 4.3.8
|