Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-36486 | 1 Ilias | 1 Ilias | 2024-01-03 | N/A | 8.8 HIGH |
| The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user by uploading a workflow definition file with a malicious filename. | |||||
| CVE-2023-36485 | 1 Ilias | 1 Ilias | 2024-01-03 | N/A | 8.8 HIGH |
| The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user via a malicious BPMN2 workflow definition file. | |||||
| CVE-2020-25268 | 1 Ilias | 1 Ilias | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data. | |||||
| CVE-2020-23996 | 1 Ilias | 1 Ilias | 2021-05-21 | 6.5 MEDIUM | 8.8 HIGH |
| A local file inclusion vulnerability in ILIAS before 5.3.19, 5.4.10 and 6.0 allows remote authenticated attackers to execute arbitrary code via the import of personal data. | |||||