10 matches found
CVE-2025-69581
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personaldata endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to...
CVE-2025-69581
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personaldata endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to...
CVE-2025-69581
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personaldata endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to...
CVE-2025-69581
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personaldata endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to...
CVE-2025-69581
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personaldata endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to...
CVE-2025-69581
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personaldata endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to...
CVE-2025-69581
Chamillo LMS 1.11.2 has a data exposure flaw on the Social Network /personal_data endpoint due to missing cache-control headers. This allows unauthorized users on the same device to view full sensitive user data after logout (via the browser back button). Root cause: improper cache control. Impac...
Chamillo LMS 1.11.8 - Arbitrary File Upload Exploit
Exploit for php platform in category web applications Exploit Title: Chamillo LMS 1.11.8 - Arbitrary File Upload Google Dork: "powered by chamilo" Exploit Author: Sohel Yousef jellyfish security team Software Link: https://chamilo.org/en/download/ Version: Chamilo 1.11.8 or lower to 1.8 Category:...
Chamillo LMS 1.11.8 - Arbitrary File Upload
Chamillo LMS 1.11.8 - Arbitrary File Upload Exploit Title: Chamillo LMS 1.11.8 - Arbitrary File Upload Google Dork: "powered by chamilo" Date: 2018-10-05 Exploit Author: Sohel Yousef jellyfish security team Software Link: https://chamilo.org/en/download/ Version: Chamilo 1.11.8 or lower to 1.8...
Chamillo LMS 1.11.8 - Arbitrary File Upload
Exploit Title: Chamillo LMS 1.11.8 - Arbitrary File Upload Google Dork: "powered by chamilo" Date: 2018-10-05 Exploit Author: Sohel Yousef jellyfish security team Software Link: https://chamilo.org/en/download/ Version: Chamilo 1.11.8 or lower to 1.8 Category: webapps 1. Description Any registere...