CVE-2024-47886

Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution RCE within versions 1.11.12 to 1.11.26. By abusing multiple supported features from the virtualization plugin vchamilo, the vulnerability allows an...

CVE-2024-47886

CVE-2024-47886 affects Chamilo (LMS). A post-authentication phar unserialize bug in the virtualization plugin (vchamilo) allows an administrator to execute arbitrary code on the server, via features exposed by the plugin, in versions 1.11.12–1.11.26. The issue is mitigated by upgrading to version...

CVE-2024-47886 Chamilo: Post-Auth Remote Code Execution

Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution RCE within versions 1.11.12 to 1.11.26. By abusing multiple supported features from the virtualization plugin vchamilo, the vulnerability allows an...

CVE-2024-47886 Chamilo: Post-Auth Remote Code Execution

Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution RCE within versions 1.11.12 to 1.11.26. By abusing multiple supported features from the virtualization plugin vchamilo, the vulnerability allows an...

EUVD-2024-55455

Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution RCE within versions 1.11.12 to 1.11.26. By abusing multiple supported features from the virtualization plugin vchamilo, the vulnerability allows an...

CVE-2024-47886 Chamilo: Post-Auth Remote Code Execution

Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution RCE within versions 1.11.12 to 1.11.26. By abusing multiple supported features from the virtualization plugin vchamilo, the vulnerability allows an...

Chamilo 代码问题漏洞

Chamilo is an open-source learning management system developed by Chamilo. Versions 1.11.12 to 1.11.26 of Chamilo have code vulnerabilities, which stem from deserialization issues and may lead to remote code execution...

PT-2026-22587

Name of the Vulnerable Software and Affected Versions Chamilo versions 1.11.12 through 1.11.26 Description Chamilo is a learning management system affected by a post-authentication PHP unserialize issue that can lead to remote code execution RCE. The vulnerability allows an administrator to execu...

EUVD-2024-17166

Malicious code in bioql PyPI...

CVE-2024-30619

Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker can request the number of messages and the number of online users via "/main/inc/ajax/message.ajax.php?a=getcountmessage" AND "/main/inc/ajax/online.ajax.php?a=getusersonline."...

CVE-2024-27525

Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the home.php component...

Chamilo LMS 安全漏洞

Chamilo LMS is an open source online learning and collaboration system from Chamilo Open Source. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version v.1.11.26, which stems fro...

CVE-2024-30619

Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker can request the number of messages and the number of online users via "/main/inc/ajax/message.ajax.php?a=getcountmessage" AND "/main/inc/ajax/online.ajax.php?a=getusersonline."...

CVE-2024-30619

Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker can request the number of messages and the number of online users via "/main/inc/ajax/message.ajax.php?a=getcountmessage" AND "/main/inc/ajax/online.ajax.php?a=getusersonline."...

Chamilo LMS 安全漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.26, which stems...

Chamilo LMS 安全漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.26, which stems...

Chamilo LMS 安全漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.26, which stems...

Chamilo LMS 安全漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.26, which stems...

CVE-2024-30619

Chamilo LMS 1.11.26 is affected by an Incorrect Access Control vulnerability (CVE-2024-30619). According to Red Hat and NVD entries, an unauthenticated attacker can query message and online-user counts via two AJAX endpoints: /main/inc/ajax/message.ajax.php?a=get_count_message and /main/inc/ajax/...

PT-2024-21931 · Unknown · Chamilo Lms

Name of the Vulnerable Software and Affected Versions: Chamilo LMS version 1.11.26 Description: A Cross Site Scripting issue allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the "new ticket.php" component. This could potentially lead to data theft ...