Lucene search
K

1454 matches found

CNVD
CNVD
added 2018/12/24 12:0 a.m.3 views

Chamilo LMS Cross-Site Scripting Vulnerability (CNVD-2018-26468)

Chamilo LMS is an open source online learning and collaboration system developed by the Chamilo Association. The system supports the creation of instructional content, distance training and online question and answer sessions. A cross-site scripting vulnerability exists in the...

5.4CVSS6.2AI score0.00631EPSS
Exploits0References1
CNVD
CNVD
added 2018/12/24 12:0 a.m.3 views

Chamilo LMS SQL Injection Vulnerability (CNVD-2018-26466)

Chamilo LMS is an open source online learning and collaboration system developed by the Chamilo Association. The system supports the creation of instructional content, distance training and online question and answer sessions. A SQL injection vulnerability exists in the...

8.1CVSS8.1AI score0.01185EPSS
Exploits0References1
Prion
Prion
added 2018/12/21 6:29 a.m.13 views

Design/Logic Flaw

Chamilo LMS version 1.11.8 contains XSS in main/social/groupview.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits...

3.5CVSS5.1AI score0.00665EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/12/21 6:29 a.m.13 views

Design/Logic Flaw

Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebooklist.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of t...

3.5CVSS5.1AI score0.00631EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/12/21 6:29 a.m.13 views

CVE-2018-20329

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue which may optionally be made public to extract and/or modify database information...

8.1CVSS8.2AI score0.01185EPSS
Exploits0References2
Prion
Prion
added 2018/12/21 6:29 a.m.13 views

Sql injection

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue which may optionally be made public to extract and/or modify database information...

5.5CVSS8.2AI score0.01185EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/12/21 6:29 a.m.19 views

CVE-2018-20327

Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebooklist.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of t...

5.4CVSS5.2AI score0.00631EPSS
Exploits0References2
NVD
NVD
added 2018/12/21 6:29 a.m.19 views

CVE-2018-20328

Chamilo LMS version 1.11.8 contains XSS in main/social/groupview.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits...

5.4CVSS5.2AI score0.00665EPSS
Exploits0References2
OSV
OSV
added 2018/12/21 6:29 a.m.17 views

CVE-2018-20328

Chamilo LMS version 1.11.8 contains XSS in main/social/groupview.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits...

5.4CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2018/12/21 6:29 a.m.11 views

CVE-2018-20327

Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebooklist.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of t...

5.4CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2018/12/21 6:29 a.m.15 views

CVE-2018-20329

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue which may optionally be made public to extract and/or modify database information...

8.1CVSS7.4AI score
Exploits0References2
Cvelist
Cvelist
added 2018/12/21 6:0 a.m.13 views

CVE-2018-20329

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue which may optionally be made public to extract and/or modify database information...

8.3AI score0.01185EPSS
Exploits0References2
CVE
CVE
added 2018/12/21 6:0 a.m.52 views

CVE-2018-20329

CVE-2018-20329 affects Chamilo LMS v1.11.8. The vulnerability is an SQL injection in main/inc/lib/CoursesAndSessionsCatalog.class.php, exploitable by users with access to the sessions catalogue (which may be public). The attacker can extract and/or modify database information. The connected docum...

8.1CVSS8.2AI score0.01185EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/12/21 6:0 a.m.46 views

CVE-2018-20328

Chamilo LMS 1.11.8 contains a cross-site scripting (XSS) vulnerability in main/social/group_view.php within the social groups tool. The issue allows an authenticated user to affect other users under specific permission configurations granted by administrators. The vulnerability is described as lo...

5.4CVSS5.1AI score0.00665EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/12/21 6:0 a.m.51 views

CVE-2018-20327

Chamilo LMS 1.11.8 is affected by a cross-site scripting (XSS) vulnerability in main/template/default/admin/gradebook_list.tpl within the gradebook dependencies tool. The issue allows authenticated users to affect other users under specific administrator-granted permissions. The connected sources...

5.4CVSS5.1AI score0.00631EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/12/21 6:0 a.m.17 views

CVE-2018-20327

Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebooklist.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of t...

5.2AI score0.00631EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/12/21 6:0 a.m.18 views

CVE-2018-20328

Chamilo LMS version 1.11.8 contains XSS in main/social/groupview.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits...

5.2AI score0.00665EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2018/12/06 12:0 a.m.318 views

Chamilo 1.11.6 Cross Site Scripting

Multiple Cross-site Scripting Vulnerabilities in Chamilo 1.11.6 Information -------------------- Advisory by Netsparker Name: Multiple Cross-site Scripting Vulnerabilities in Chamilo 1.11.6 Affected Software: Chamilo Affected Versions: 1.11.6 Homepage: https://chamilo.org/en/ Vulnerability:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/12/06 12:0 a.m.81 views

Chamilo 1.11.6 SQL Injection

SQL Injection Vulnerabilities in Chamilo 1.11.6 Information -------------------- Advisory by Netsparker Name: SQL Injection Vulnerabilities in Chamilo 1.11.6 Affected Software: Chamilo Affected Versions: 1.11.6 Homepage: https://chamilo.org/en/ Vulnerability: SQL injection Severity: High Status:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2018/10/08 12:0 a.m.24 views

Chamilo LMS 1.11.8 firstname Cross Site Scripting

Exploit Title: Chamilo LMS 1.11.8 - 'firstname' Cross-Site Scripting Author: Cakes Discovery Date: 2018-10-06 Vendor Homepage: https://chamilo.org Software Link: https://github.com/chamilo/chamilo-lms/releases/download/v1.11.8/chamilo-1.11.8-php5.zip Tested Version: 1.11.8 for php5 Tested on OS:...

7.4AI score
Exploits0
Rows per page
Query Builder