CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

RedhatCVE•added 2025/05/23 2:6 a.m.•6 views

CVE-2023-37063

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section...

4.8CVSS6AI score0.00538EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:34 p.m.•3 views

CVE-2021-32925

admin/userimport.php in Chamilo 1.11.x reads XML data without disabling the ability to load external entities...

6.5CVSS6.8AI score0.00505EPSS

Exploits1References1

OSV•added 2023/07/07 5:15 p.m.•12 views

CVE-2023-37066

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel...

4.8CVSS6.1AI score

Exploits0References2

OSV•added 2023/07/07 5:15 p.m.•19 views

CVE-2023-37064

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section...

4.8CVSS6.1AI score

Exploits0References2

NVD•added 2023/07/07 5:15 p.m.•9 views

CVE-2023-37064

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section...

4.8CVSS4.9AI score0.00538EPSS

Exploits0References2

NVD•added 2023/07/07 5:15 p.m.•6 views

CVE-2023-37065

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section...

4.8CVSS5AI score0.00538EPSS

Exploits0References2

ATTACKERKB•added 2023/07/07 5:15 p.m.•0 views

CVE-2023-37066

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel...

4.8CVSS5.7AI score0.00538EPSS

Exploits0References3

ATTACKERKB•added 2023/07/07 5:15 p.m.•0 views

CVE-2023-37065

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section...

4.8CVSS5.7AI score0.00538EPSS

Exploits0References3

ATTACKERKB•added 2023/07/07 5:15 p.m.•3 views

CVE-2023-37061

Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section...

4.8CVSS5.7AI score0.00469EPSS

Exploits0References3

NVD•added 2023/07/07 5:15 p.m.•10 views

CVE-2023-37062

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition...

4.8CVSS4.9AI score0.00538EPSS

Exploits0References2

NVD•added 2023/07/07 5:15 p.m.•6 views

CVE-2023-37061

Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section...

4.8CVSS4.9AI score0.00469EPSS

Exploits0References2

Prion•added 2023/07/07 5:15 p.m.•11 views

Design/Logic Flaw

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel...

4.3CVSS4.8AI score0.00538EPSS

Exploits0References2Affected Software1

Prion•added 2023/07/07 5:15 p.m.•12 views

Design/Logic Flaw

Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section...

4.3CVSS4.8AI score0.00469EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/07/07 12:0 a.m.•10 views

CVE-2023-37064

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section...

6.2AI score0.00538EPSS

Exploits0References2

Vulnrichment•added 2023/07/07 12:0 a.m.•7 views

CVE-2023-37061

Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section...

6.2AI score0.00469EPSS

Exploits0References2

CVE•added 2023/06/13 12:0 a.m.•161 views

CVE-2023-34944

Chamilo LMS vulnerability CVE-2023-34944: Arbitrary code execution via SVG upload in /fileUpload.lib.php on Chamilo 1.11.* up to 1.11.18. Affected component and versions are confirmed; exploitation vector is a crafted SVG file uploaded to the vulnerable endpoint. Impact includes high confidential...

9.8CVSS9.6AI score0.00695EPSS

Exploits0References4Affected Software1

Cvelist•added 2023/06/13 12:0 a.m.•16 views

CVE-2023-34944

An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11. up to v1.11.18 allows attackers to execute arbitrary code via uploading a crafted SVG file...

9.8AI score0.00695EPSS

Exploits0References4

Prion•added 2023/06/08 7:15 p.m.•15 views

Improper access control

Incorrect access control in Chamilo 1.11. up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID...

4CVSS4.7AI score0.00187EPSS

Exploits0References2Affected Software1

Prion•added 2021/05/13 6:15 p.m.•12 views

Xxe

admin/userimport.php in Chamilo 1.11.x reads XML data without disabling the ability to load external entities...

5.5CVSS6.4AI score0.00505EPSS

Exploits1References4Affected Software1

Cvelist•added 2021/05/13 5:50 p.m.•10 views

CVE-2021-32925

admin/userimport.php in Chamilo 1.11.x reads XML data without disabling the ability to load external entities...

7.3AI score0.00505EPSS

Exploits1References4