Blackboard : Security Vulnerabilities, CVEs, CVSS score >= 7

CVE-2005-4338

announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to gain administrator privileges by setting the context parameter to "admin".
Max CVSS
10.0
EPSS Score
0.44%
Published
2005-12-19
Updated
2008-09-05

CVE-2005-4337

The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in the encoded_pw parameter.
Max CVSS
7.5
EPSS Score
0.44%
Published
2005-12-19
Updated
2008-09-05

CVE-2002-1007

Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi.
Max CVSS
7.5
EPSS Score
3.09%
Published
2002-10-04
Updated
2008-09-05

CVE-2000-0627

BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl.
Max CVSS
7.5
EPSS Score
0.04%
Published
2000-07-18
Updated
2017-10-10
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close