CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-4337

HIGH
7.5
CVSS Severity Score
EPSS Score0.0200%
EPSS Percentile24.04th
Published2005年12月19日
Last Modified2026年4月16日

Vulnerability Description

The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in the encoded_pw parameter.

Affected Platforms (CPE)

📦
Blackboard

Academic Suite

All versions
📦
Blackboard

Academic Suite

= 6.2.3.23
📦
Blackboard

Academic Suite

= 6.3.1.424

References & Advisories

🔗 http://www.ipomonis.com/advisories/Bb_6.zip
🔗 http://www.osvdb.org/21616
🔗 http://www.ipomonis.com/advisories/Bb_6.zip
🔗 http://www.osvdb.org/21616

相關漏洞威脅

CVE-2005-433810.0

announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions befor...

CVE-2008-18836.8

The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easie...

CVE-2005-42066.1

Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote a...

CVE-2006-39146.0

Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitra...