Blackboard : Security Vulnerabilities, CVEs, CVSS score >= 7
announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to gain administrator privileges by setting the context parameter to "admin".
Max CVSS
10.0
EPSS Score
0.44%
Published
2005-12-19
Updated
2008-09-05
The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in the encoded_pw parameter.
Max CVSS
7.5
EPSS Score
0.44%
Published
2005-12-19
Updated
2008-09-05
Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi.
Max CVSS
7.5
EPSS Score
3.09%
Published
2002-10-04
Updated
2008-09-05
BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl.
Max CVSS
7.5
EPSS Score
0.04%
Published
2000-07-18
Updated
2017-10-10
4 vulnerabilities found