ILIAS 7.9

CPE Details

ILIAS 7.9
ilias
ilias
7.9
2022-07-07
11h59 +00:00
2022-07-11
12h54 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ilias:ilias:7.9:*:*:*:*:*:*:*

Informations

Vendor

ilias

Product

ilias

Version

7.9

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-36485 2023-12-24 23h00 +00:00 The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user via a malicious BPMN2 workflow definition file.
7.2
Haute
CVE-2023-36486 2023-12-24 23h00 +00:00 The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user by uploading a workflow definition file with a malicious filename.
7.2
Haute
CVE-2023-36487 2023-06-28 22h00 +00:00 The password reset function in ILIAS 7.0_beta1 through 7.20 and 8.0_beta1 through 8.1 allows remote attackers to take over the account.
9.8
Critique
CVE-2022-45915 2022-12-06 23h00 +00:00 ILIAS before 7.16 allows OS Command Injection.
8.8
Haute
CVE-2022-45916 2022-12-06 23h00 +00:00 ILIAS before 7.16 allows XSS.
5.4
Moyen
CVE-2022-45917 2022-12-06 23h00 +00:00 ILIAS before 7.16 has an Open Redirect.
6.1
Moyen
CVE-2022-45918 2022-12-06 23h00 +00:00 ILIAS before 7.16 allows External Control of File Name or Path.
6.5
Moyen
CVE-2022-31266 2022-06-28 22h46 +00:00 In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page) allows remote attackers to take over accounts.
4.3
Moyen