Filtered by vendor Blackboard
Subscribe
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0605 | 1 Blackboard | 1 Courseinfo | 2008-09-10 | 2.1 LOW | N/A |
| Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords. | |||||
| CVE-2005-4338 | 1 Blackboard | 1 Academic Suite | 2008-09-05 | 10.0 HIGH | N/A |
| announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to gain administrator privileges by setting the context parameter to "admin". | |||||
| CVE-2005-4337 | 1 Blackboard | 1 Academic Suite | 2008-09-05 | 7.5 HIGH | N/A |
| The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in the encoded_pw parameter. | |||||
| CVE-2005-4339 | 1 Blackboard | 1 Academic Suite | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the resulting page. | |||||
| CVE-2005-4341 | 1 Blackboard | 1 Academic Suite | 2008-09-05 | 5.0 MEDIUM | N/A |
| Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to list all available categories via a blank category_id parameter to category.pl. NOTE: it is not clear whether this information is sensitive or not, so this might not be an exposure. | |||||
| CVE-2002-1007 | 1 Blackboard | 1 Blackboard | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi. | |||||