An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11.* up to v1.11.18 allows attackers to execute arbitrary code via uploading a crafted SVG file.
CPE | Name | Operator | Version |
---|---|---|---|
chamilo_lms | ge | 1.11.0 | |
chamilo_lms | le | 1.11.18 |