Vulnerabilities > Blackboard > Blackboard
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-08-23 | CVE-2006-4308 | Cross-Site Scripting vulnerability in Blackboard products Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote attackers to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) malformed javascript URIs in various HTML tags when posting to the Discussion Board. | 4.3 |
2004-12-31 | CVE-2004-1581 | Information Disclosure vulnerability in Blackboard 1.5.1 BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message. | 5.0 |
2002-10-04 | CVE-2002-1007 | Cross-Site Scripting vulnerability in Blackboard 5.0 Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi. | 7.5 |