23 matches found
CVE-2026-30882
Chamilo LMS is a learning management system. Chamilo LMS version 1.11.34 and prior contains a Reflected Cross-Site Scripting XSS vulnerability in the session category listing page. The keyword parameter from $REQUEST is echoed directly into an HTML href attribute without any encoding or...
CVE-2026-30881
Chamilo LMS is a learning management system. Version 1.11.34 and prior contains a SQL Injection vulnerability in the statistics AJAX endpoint. The parameters datestart and dateend from $REQUEST are embedded directly into a raw SQL string without proper sanitization. Although Database::escapestrin...
CVE-2026-30875
Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload vulnerability in the H5P Import feature allows authenticated users with Teacher role to achieve Remote Code Execution RCE. The H5P package validation only checks if h5p.json exists but doesn't block...
CVE-2026-30876
Chamilo LMS is a learning management system. Prior to version 1.11.36, Chamilo is vulnerable to user enumeration with valid/invalid username. This issue has been patched in version 1.11.36...
EUVD-2026-12514
Chamilo LMS is a learning management system. Chamilo LMS version 1.11.34 and prior contains a Reflected Cross-Site Scripting XSS vulnerability in the session category listing page. The keyword parameter from $REQUEST is echoed directly into an HTML href attribute without any encoding or...
EUVD-2026-12500
Chamilo LMS is a learning management system. Version 1.11.34 and prior contains a SQL Injection vulnerability in the statistics AJAX endpoint. The parameters datestart and dateend from $REQUEST are embedded directly into a raw SQL string without proper sanitization. Although Database::escapestrin...
CVE-2026-30881
Chamilo LMS (versions
CVE-2026-30881 Chamilo LMS: SQL Injection in the statistics AJAX endpoint
Chamilo LMS is a learning management system. Version 1.11.34 and prior contains a SQL Injection vulnerability in the statistics AJAX endpoint. The parameters datestart and dateend from $REQUEST are embedded directly into a raw SQL string without proper sanitization. Although Database::escapestrin...
CVE-2026-30876
Chamilo LMS before version 1.11.36 is vulnerable to user enumeration via login response (valid vs invalid usernames). The issue has been fixed in 1.11.36. CVSS‑4.0 metrics indicate Network attack vector, Low confidentiality impact, and a Medium overall severity (6.3).
EUVD-2026-12498
Chamilo LMS is a learning management system. Prior to version 1.11.36, Chamilo is vulnerable to user enumeration with valid/invalid username. This issue has been patched in version 1.11.36...
CVE-2026-30876 Chamilo LMS: User enumeration vulnerability via response
Chamilo LMS is a learning management system. Prior to version 1.11.36, Chamilo is vulnerable to user enumeration with valid/invalid username. This issue has been patched in version 1.11.36...
CVE-2026-30876 Chamilo LMS: User enumeration vulnerability via response
Chamilo LMS is a learning management system. Prior to version 1.11.36, Chamilo is vulnerable to user enumeration with valid/invalid username. This issue has been patched in version 1.11.36...
CVE-2026-30875 Chamilo LMS: Authenticated RCE via H5P Import
Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload vulnerability in the H5P Import feature allows authenticated users with Teacher role to achieve Remote Code Execution RCE. The H5P package validation only checks if h5p.json exists but doesn't block...
CVE-2026-30875 Chamilo LMS: Authenticated RCE via H5P Import
Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload vulnerability in the H5P Import feature allows authenticated users with Teacher role to achieve Remote Code Execution RCE. The H5P package validation only checks if h5p.json exists but doesn't block...
EUVD-2026-12496
Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload vulnerability in the H5P Import feature allows authenticated users with Teacher role to achieve Remote Code Execution RCE. The H5P package validation only checks if h5p.json exists but doesn't block...
CVE-2026-30875 Chamilo LMS: Authenticated RCE via H5P Import
Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload vulnerability in the H5P Import feature allows authenticated users with Teacher role to achieve Remote Code Execution RCE. The H5P package validation only checks if h5p.json exists but doesn't block...
CVE-2026-30875
Chamilo LMS (prior to v1.11.36) exposes an authenticated RCE via H5P Import. An attacker with Teacher role can upload a crafted H5P package that bypasses validation (H5P package validation only checks for h5p.json and does not block .htaccess or PHP files with alternate extensions), enabling exec...
Chamilo LMS 安全漏洞
Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS prior to 1.11.36 contained security vulnerabilities. These vulnerabilities were due to...
Chamilo LMS 代码注入漏洞
Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Prior to version 1.11.36 of Chamilo LMS, there was a code injection vulnerability. This vulnerability stemmed fr...
PT-2026-25801
Chamilo LMS is a learning management system. Version 1.11.34 and prior contains a SQL Injection vulnerability in the statistics AJAX endpoint. The parameters date start and date end from $ REQUEST are embedded directly into a raw SQL string without proper sanitization. Although Database::escape...