ILIAS 6.1

CPE Details

ILIAS 6.1
ilias
ilias
6.1
2021-05-19
18h39 +00:00
2021-05-19
19h50 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ilias:ilias:6.1:*:*:*:*:*:*:*

Informations

Vendor

ilias

Product

ilias

Version

6.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-36485 2023-12-24 23h00 +00:00 The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user via a malicious BPMN2 workflow definition file.
7.2
High
CVE-2023-36486 2023-12-24 23h00 +00:00 The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user by uploading a workflow definition file with a malicious filename.
7.2
High
CVE-2022-45915 2022-12-06 23h00 +00:00 ILIAS before 7.16 allows OS Command Injection.
8.8
High
CVE-2022-45916 2022-12-06 23h00 +00:00 ILIAS before 7.16 allows XSS.
5.4
Medium
CVE-2022-45917 2022-12-06 23h00 +00:00 ILIAS before 7.16 has an Open Redirect.
6.1
Medium
CVE-2022-45918 2022-12-06 23h00 +00:00 ILIAS before 7.16 allows External Control of File Name or Path.
6.5
Medium
CVE-2022-31266 2022-06-28 22h46 +00:00 In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page) allows remote attackers to take over accounts.
4.3
Medium