1454 matches found
Chamilo LMS Cross-Site Scripting Vulnerability (CNVD-2018-26468)
Chamilo LMS is an open source online learning and collaboration system developed by the Chamilo Association. The system supports the creation of instructional content, distance training and online question and answer sessions. A cross-site scripting vulnerability exists in the...
Chamilo LMS SQL Injection Vulnerability (CNVD-2018-26466)
Chamilo LMS is an open source online learning and collaboration system developed by the Chamilo Association. The system supports the creation of instructional content, distance training and online question and answer sessions. A SQL injection vulnerability exists in the...
Design/Logic Flaw
Chamilo LMS version 1.11.8 contains XSS in main/social/groupview.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits...
Design/Logic Flaw
Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebooklist.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of t...
CVE-2018-20329
Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue which may optionally be made public to extract and/or modify database information...
Sql injection
Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue which may optionally be made public to extract and/or modify database information...
CVE-2018-20327
Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebooklist.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of t...
CVE-2018-20328
Chamilo LMS version 1.11.8 contains XSS in main/social/groupview.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits...
CVE-2018-20328
Chamilo LMS version 1.11.8 contains XSS in main/social/groupview.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits...
CVE-2018-20327
Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebooklist.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of t...
CVE-2018-20329
Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue which may optionally be made public to extract and/or modify database information...
CVE-2018-20329
Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue which may optionally be made public to extract and/or modify database information...
CVE-2018-20329
CVE-2018-20329 affects Chamilo LMS v1.11.8. The vulnerability is an SQL injection in main/inc/lib/CoursesAndSessionsCatalog.class.php, exploitable by users with access to the sessions catalogue (which may be public). The attacker can extract and/or modify database information. The connected docum...
CVE-2018-20328
Chamilo LMS 1.11.8 contains a cross-site scripting (XSS) vulnerability in main/social/group_view.php within the social groups tool. The issue allows an authenticated user to affect other users under specific permission configurations granted by administrators. The vulnerability is described as lo...
CVE-2018-20327
Chamilo LMS 1.11.8 is affected by a cross-site scripting (XSS) vulnerability in main/template/default/admin/gradebook_list.tpl within the gradebook dependencies tool. The issue allows authenticated users to affect other users under specific administrator-granted permissions. The connected sources...
CVE-2018-20327
Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebooklist.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of t...
CVE-2018-20328
Chamilo LMS version 1.11.8 contains XSS in main/social/groupview.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits...
Chamilo 1.11.6 Cross Site Scripting
Multiple Cross-site Scripting Vulnerabilities in Chamilo 1.11.6 Information -------------------- Advisory by Netsparker Name: Multiple Cross-site Scripting Vulnerabilities in Chamilo 1.11.6 Affected Software: Chamilo Affected Versions: 1.11.6 Homepage: https://chamilo.org/en/ Vulnerability:...
Chamilo 1.11.6 SQL Injection
SQL Injection Vulnerabilities in Chamilo 1.11.6 Information -------------------- Advisory by Netsparker Name: SQL Injection Vulnerabilities in Chamilo 1.11.6 Affected Software: Chamilo Affected Versions: 1.11.6 Homepage: https://chamilo.org/en/ Vulnerability: SQL injection Severity: High Status:...
Chamilo LMS 1.11.8 firstname Cross Site Scripting
Exploit Title: Chamilo LMS 1.11.8 - 'firstname' Cross-Site Scripting Author: Cakes Discovery Date: 2018-10-06 Vendor Homepage: https://chamilo.org Software Link: https://github.com/chamilo/chamilo-lms/releases/download/v1.11.8/chamilo-1.11.8-php5.zip Tested Version: 1.11.8 for php5 Tested on OS:...