CVE-2014-2089

ILIAS 4.4.1 - Remote Code Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-2089.

AI-analyzed exploit summary: The exploit demonstrates multiple vulnerabilities in ILIAS 4.4.1, including persistent XSS, arbitrary file upload leading to webshell deployment, and reflected XSS. It provides detailed HTTP requests for each vulnerability, showing how an attacker can achieve remote code execution (RCE) via file upload and execute arbitrary JavaScript via XSS.

Description

ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that leads to creation of a .php file with a certain client_id pathname.

Exploits (1)

exploitdb · WORKING POC
webapps · php
https://www.exploit-db.com/exploits/31833

Classification: Working PoC 95%
Attack Type: RCE | XSS
Complexity: Trivial
Reliability: Reliable
Target: ILIAS 4.4.1
Auth required
Prerequisites: Admin or registered user credentials · Access to the ILIAS web interface
devstral-2 · analyzed Feb 19, 2026

Scores

EPSS: 0.0263
EPSS Percentile: 83.5%

Details

CWE: CWE-94
Status: published
Products (1): ilias/ilias 4.4.1
Published: Mar 02, 2014
Tracked Since: Feb 18, 2026