Dot

1 exploit Active since Jan 2026
CVE-2020-36944 EXPLOITDB MEDIUM text WORKING POC
ILIAS Learning Management System <4.3 - SSRF
ILIAS Learning Management System 4.3 contains a server-side request forgery vulnerability that allows attackers to read local files through portfolio PDF export functionality. Attackers can inject a script that uses XMLHttpRequest to retrieve local file contents when the portfolio is exported to PDF.
CVSS 4.0