CVE-2014-2090

ILIAS 4.4.1 - Authenticated Cross-Site Scripting via tar, tar_val, or title Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-2090. PoCs published by HauntIT.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in ILIAS 4.4.1, including persistent XSS, arbitrary file upload leading to webshell deployment, and reflected XSS. The PoC provides HTTP requests to exploit these flaws, allowing attackers to execute arbitrary code or inject malicious scripts.

Description

Multiple cross-site scripting (XSS) vulnerabilities in ilias.php in ILIAS 4.4.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tar, (2) tar_val, or (3) title parameter.

Exploits (1)

exploitdb WORKING POC

by HauntIT · textwebappsphp

https://www.exploit-db.com/exploits/31833

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in ILIAS 4.4.1, including persistent XSS, arbitrary file upload leading to webshell deployment, and reflected XSS. The PoC provides HTTP requests to exploit these flaws, allowing attackers to execute arbitrary code or inject malicious scripts.

Classification

Working Poc 95%

Attack Type

Xss | Rce

Complexity

Trivial

Reliability

Reliable

Target: ILIAS 4.4.1

Auth required

Prerequisites: Authenticated user access (admin or registered user) · Network access to the ILIAS application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit x_refsource_misc

http://packetstormsecurity.com/files/125350/ILIAS-4.4.1-Cross-Site-Scripting-Shell-Upload.html

Scores

EPSS 0.0148

EPSS Percentile 70.6%

Details

CWE

CWE-79

Status published

Products (1)

ilias/ilias 4.4.1

Published Mar 02, 2014

Tracked Since Feb 18, 2026