179 matches found
CVE-2024-30619
Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker can request the number of messages and the number of online users via "/main/inc/ajax/message.ajax.php?a=getcountmessage" AND "/main/inc/ajax/online.ajax.php?a=getusersonline."...
CVE-2024-27525
Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the home.php component...
CVE-2024-27524
Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the newticket.php component...
CVE-2021-35414
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main/plagiarism/compilatio/upload.php...
Chamilo LMS 安全漏洞
Chamilo LMS is an open source online learning and collaboration system from Chamilo Open Source. The system supports the creation of instructional content, remote training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.28, which stems from th...
PT-2025-37378
Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.30 Description Chamilo is a learning management system. A blind Server-Side Request Forgery SSRF condition exists due to insufficient validation of incoming requests used in the operating system command. Successf...
PT-2025-37309
Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.30 Description Chamilo is a learning management system with an OS Command Injection issue in the /main/cron/lang/check parse lang.php file. Exploitation may allow a remote attacker to execute arbitrary SQL querie...
Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms
CVE-2023-4220 Exploit for CVE-2023-4220 Esto es un exploit...
The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures to neutralize instructions within the dynamically executed code, allowing a violator to execute arbitrary code.
The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures taken to neutralize instructions within the dynamically executed code. Exploitation of this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Chamilo LMS 安全漏洞
Chamilo LMS is an open source online learning and collaboration system from Chamilo Open Source. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version v.1.11.26, which stems fro...
Chamilo LMS 安全漏洞
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.26, which stems...
PT-2024-21931 · Unknown · Chamilo Lms
Name of the Vulnerable Software and Affected Versions: Chamilo LMS version 1.11.26 Description: A Cross Site Scripting issue allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the "new ticket.php" component. This could potentially lead to data theft ...
PT-2024-21932 · Unknown · Chamilo Lms
Name of the Vulnerable Software and Affected Versions: Chamilo LMS version 1.11.26 Description: A Cross Site Scripting issue allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the home.php component. Recommendations: For Chamilo LMS version 1.11.26,...
Chamilo LMS 安全漏洞
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.26, which stems...
Chamilo LMS Security Vulnerability
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS v1.11.24 and earlier versions,...
Chamilo LMS Security Vulnerability
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version v1.11.24 and prior...
PT-2023-28301 · Unknown · Chamilo Lms
Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.24 Description: The issue allows authenticated attackers with a learner role to achieve remote code execution. This is possible due to an unrestricted file upload in the /main/inc/ajax/work.ajax.php endpoint...
Chamilo LMS Security Vulnerability
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version v1.11.24 and prior...
Chamilo LMS Security Vulnerability
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS v1.11.20 and earlier versions,...
PT-2023-28292 · Unknown · Chamilo Lms
Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.24 Description: The issue allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell, specifically through the big file upload...