📦 Ilias
by Ilias
🔍 What is Ilias?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows any authenticated ILIAS user to execute arbitrary operating system commands when a privileged administrator account interacts with a crafted XSS payload. The attack combines ...
CVE-2023-36487 is a critical authentication bypass vulnerability in ILIAS learning management system that allows remote attackers to take over user accounts via the password reset function. Attackers ...
This vulnerability allows authenticated administrators in ILIAS e-learning platforms to execute arbitrary operating system commands by uploading files with dangerous file types. It affects ILIAS versi...
A stored cross-site scripting (XSS) vulnerability in ILIAS e-learning LMS allows authenticated administrators to inject malicious scripts via XML file uploads in user role import functionality. This a...
This vulnerability allows remote authenticated users to execute arbitrary system commands on the ILIAS application server by uploading a workflow definition file with a malicious filename. The attacke...
CVE-2023-45868 is a directory traversal vulnerability in ILIAS Learning Module 7.25 that allows authenticated attackers to relocate directories outside the document root to publicly accessible locatio...
CVE-2020-23996 is a local file inclusion vulnerability in ILIAS e-learning platforms that allows remote authenticated attackers to execute arbitrary code by importing malicious personal data. This aff...
This CVE describes a remote deserialization vulnerability in ILIAS learning management systems. Attackers can exploit the Base64 Decoding Handler's unserialize function by manipulating the f_settings ...
This vulnerability in ILIAS learning management system allows remote attackers to execute arbitrary code through the Certificate Import Handler component. It affects ILIAS installations up to versions...
A stored cross-site scripting (XSS) vulnerability in ILIAS eLearning LMS allows authenticated users with tutor privileges to inject malicious scripts via XML file upload. This can lead to session hija...