Lucene search
K

1454 matches found

Packet Storm
Packet Storm
added 2021/01/28 12:0 a.m.277 views

Chamilo LMS 1.11.14 Cross Site Scripting

Hello, We are informing you about a Cross-Site Scripting Vulnerability in Chamilo LMS 1.11.14. Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerability in Chamilo LMS Affected Software: Chamilo LMS Affected Versions: 1.11.14 Homepage: https://chamilo.org/en...

7.4AI score
Exploits0
NVD
NVD
added 2020/02/08 6:15 p.m.21 views

CVE-2012-4029

Cross-site scripting XSS vulnerability in main/dropbox/index.php in Chamilo LMS before 1.8.8.6 allows remote attackers to inject arbitrary web script or HTML via the categoryname parameter in an addsentcategory action...

6.1CVSS6.1AI score0.01442EPSS
Exploits2References3
CVE
CVE
added 2020/02/08 5:44 p.m.125 views

CVE-2012-4029

CVE-2012-4029 is a documented XSS vulnerability in Chamilo LMS before 1.8.8.6. The flaw occurs in main/dropbox/index.php via the category_name parameter in an addsentcategory action, allowing remote attackers to inject arbitrary web script or HTML. The issue is part of Chamilo 1.8.8.4/1.8.8.6 fam...

6.1CVSS6AI score0.01442EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2020/02/08 5:44 p.m.27 views

CVE-2012-4029

Cross-site scripting XSS vulnerability in main/dropbox/index.php in Chamilo LMS before 1.8.8.6 allows remote attackers to inject arbitrary web script or HTML via the categoryname parameter in an addsentcategory action...

6.1AI score0.01442EPSS
Exploits2References3
NVD
NVD
added 2020/01/30 2:15 p.m.21 views

CVE-2013-0739

Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script...

6.1CVSS6.1AI score0.00797EPSS
Exploits0References2
NVD
NVD
added 2020/01/30 2:15 p.m.16 views

CVE-2013-0738

Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php...

6.1CVSS6.3AI score0.00797EPSS
Exploits0References2
Prion
Prion
added 2020/01/30 2:15 p.m.15 views

Design/Logic Flaw

Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php...

4.3CVSS6.6AI score0.00797EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/01/30 2:15 p.m.10 views

Input validation

Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script...

4.3CVSS6.2AI score0.00797EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/01/30 1:38 p.m.38 views

CVE-2013-0739

Summary: CVE-2013-0739 affects Chamilo 1.9.4 and involves an XSS vulnerability in the chat.php script caused by improper validation of user-supplied input. Affected component: Chamilo 1.9.4, specifically the chat.php feature. Root cause: Improper validation of input in the chat functionality enab...

6.1CVSS6AI score0.00797EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/01/30 1:38 p.m.21 views

CVE-2013-0739

Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script...

6.1AI score0.00797EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/01/30 1:34 p.m.19 views

CVE-2013-0738

Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php...

6.2AI score0.00797EPSS
Exploits0References2
CVE
CVE
added 2020/01/30 1:34 p.m.36 views

CVE-2013-0738

Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities affecting the pages blog.php and announcements.php . The root cause is improper input handling, enabling injected HTML/JavaScript in user-visible content. Affected versions and exact exploit details are not provided beyond the CVE ...

6.1CVSS6.2AI score0.00797EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2020/01/10 5:15 p.m.21 views

CVE-2012-4030

Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files...

7.5CVSS7.6AI score0.01338EPSS
Exploits1References1
Prion
Prion
added 2020/01/10 5:15 p.m.25 views

Input validation

Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files...

6.4CVSS7.3AI score0.01338EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/01/10 4:58 p.m.28 views

CVE-2012-4030

Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files...

7.5AI score0.01338EPSS
Exploits1References1
CVE
CVE
added 2020/01/10 4:58 p.m.105 views

CVE-2012-4030

CVE-2012-4030 affects Chamilo before 1.8.8.6, where the index.php input handling is insecure, allowing remote attackers to delete arbitrary files. The issue is described in the NVD entry as a vulnerability in Chamilo that could enable unauthorized file deletion via crafted input. Public reference...

7.5CVSS7.5AI score0.01338EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2020/01/04 7:15 a.m.15 views

CVE-2015-9540

Chamilo LMS through 1.9.10.2 allows a linkgoto.php?linkurl= open redirect, a related issue to CVE-2015-5503...

6.1CVSS6.2AI score0.00675EPSS
Exploits1References1
Prion
Prion
added 2020/01/04 7:15 a.m.16 views

Open redirect

Chamilo LMS through 1.9.10.2 allows a linkgoto.php?linkurl= open redirect, a related issue to CVE-2015-5503...

5.8CVSS7AI score0.01204EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/01/04 6:20 a.m.19 views

CVE-2015-9540

Chamilo LMS through 1.9.10.2 allows a linkgoto.php?linkurl= open redirect, a related issue to CVE-2015-5503...

6.2AI score0.00675EPSS
Exploits1References1
CVE
CVE
added 2020/01/04 6:20 a.m.181 views

CVE-2015-9540

CVE-2015-9540 describes an open redirect in Chamilo LMS up to version 1.9.10.2 via the link_goto.php?link_url= parameter, related to CVE-2015-5503. Connected entries show the Drupal Chamilo integration module (7.x-1.x before 7.x-1.2) as a separate instance of the same issue. The vulnerability is ...

6.1CVSS6.2AI score0.00675EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder