Blackboard

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-4337 1Blackboard 1Academic Suite Apr 16, 2026 Dec 19, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via...Show more The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in the encoded_pw parameter.Show less
CVE-2005-4206 1Blackboard 1Academic Suite Apr 16, 2026 Dec 13, 2005 N/A· v4 6.1 MEDIUM· v3 4.0 MEDIUM· v2 Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url p...Show more Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.Show less
CVE-2004-1581 1Blackboard 1Blackboard Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message.
CVE-2002-1007 1Blackboard 1Blackboard Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Mes...Show more Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi.Show less
CVE-2000-0627 1Blackboard 1Courseinfo Apr 16, 2026 Jul 18, 2000 N/A· v4 N/A· v3 7.5 HIGH· v2 BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_p...Show more BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl.Show less
CVE-2000-0605 1Blackboard 1Courseinfo Apr 16, 2026 Jul 10, 2000 N/A· v4 N/A· v3 2.1 LOW· v2 Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords.

Previous 12