5 matches found
CVE-2024-50337 Chamilo: Potential unauthenticated blind SSRF via openid function
Chamilo is a learning management system. Prior to version 1.11.28, the OpenId function allows anyone to send requests to any URL on server's behalf, which results in unauthenticated blind SSRF. This issue has been patched in version 1.11.28...
CVE-2024-50337 Chamilo: Potential unauthenticated blind SSRF via openid function
Chamilo is a learning management system. Prior to version 1.11.28, the OpenId function allows anyone to send requests to any URL on server's behalf, which results in unauthenticated blind SSRF. This issue has been patched in version 1.11.28...
EUVD-2024-55456
Chamilo is a learning management system. Prior to version 1.11.28, the OpenId function allows anyone to send requests to any URL on server's behalf, which results in unauthenticated blind SSRF. This issue has been patched in version 1.11.28...
CVE-2024-50337 Chamilo: Potential unauthenticated blind SSRF via openid function
Chamilo is a learning management system. Prior to version 1.11.28, the OpenId function allows anyone to send requests to any URL on server's behalf, which results in unauthenticated blind SSRF. This issue has been patched in version 1.11.28...
PT-2025-49244
Name of the Vulnerable Software and Affected Versions youlaitech youlai-mall versions 1.0.0 through 2.0.0 Description A flaw exists in youlaitech youlai-mall that allows for improper access controls. This is due to the manipulation of the openid argument within an unknown function located at the...