Academic Suite
Approved changes feed: RSS · Atom
cpe:2.3:a:blackboard:academic_suite:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Blackboard (7fa2ec50-0f9d-59ab-8245-e6281fc9111e) |
|---|---|
| Product | Academic Suite (ce6e0fdd-e80a-5644-9681-a0e4d604ecb8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2008-1795 |
vulnerable | 2026-06-08 04:50:21.937661 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Academic Suite 7.x and earlier, and possibly some 8.0 versions, allow remote attackers to inject arbitrary web script or HTML via (1) the searchText parameter in a Course action to webapps/blackboard/execute/viewCatalog or (2) the data__announcements___pk1_pk2__subject parameter in an ADD action to bin/common/announcement.pl.
Published: 2008-04-15T17:00:00.000Z
Updated: 2024-08-07T08:32:01.287Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-4341 |
vulnerable | 2026-06-08 04:48:43.635705 |
Details available
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to list all available categories via a blank category_id parameter to category.pl. NOTE: it is not clear whether this information is sensitive or not, so this might not be an exposure.
Published: 2005-12-17T21:00:00.000Z
Updated: 2024-09-16T22:09:27.669Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-4339 |
vulnerable | 2026-06-08 04:48:43.635324 |
Details available
Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the resulting page.
Published: 2005-12-17T21:00:00.000Z
Updated: 2024-09-16T23:47:05.905Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-4338 |
vulnerable | 2026-06-08 04:48:43.635015 |
Details available
announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to gain administrator privileges by setting the context parameter to "admin".
Published: 2005-12-17T21:00:00.000Z
Updated: 2024-09-16T19:35:17.199Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-4337 |
vulnerable | 2026-06-08 04:48:43.634696 |
Details available
The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in the encoded_pw parameter.
Published: 2005-12-17T21:00:00.000Z
Updated: 2024-09-16T19:30:21.863Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-4206 |
vulnerable | 2026-06-08 04:48:43.230410 |
Details available
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.
Published: 2005-12-13T11:00:00.000Z
Updated: 2025-01-16T19:48:36.106Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.