Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 4:27 a.m.11 views

CVE-2021-31933

A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames e.g., .phar or .pht. A remote authenticated administrator is able to upload a file containin...

7.2CVSS7.6AI score0.13933EPSS
Exploits4References1
Packet Storm
Packet Storm
added 2021/05/14 12:0 a.m.189 views

Chamilo LMS 1.11.14 Remote Code Execution

Exploit Title: Chamilo LMS 1.11.14 - Remote Code Execution Authenticated Date: 13/05/2021 Exploit Author: M. Cory Billington @th3y Vendor Homepage: https://chamilo.org Software Link: https://github.com/chamilo/chamilo-lms Version: 1.11.14 Tested on: Ubuntu 20.04.2 LTS CVE: CVE-2021-31933 Writeup:...

6.5CVSS0.1AI score0.13933EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/05/14 12:0 a.m.187 views

Chamilo LMS 1.11.14 - Remote Code Execution (Authenticated)

Exploit Title: Chamilo LMS 1.11.14 - Remote Code Execution Authenticated Date: 13/05/2021 Exploit Author: M. Cory Billington @th3y Vendor Homepage: https://chamilo.org Software Link: https://github.com/chamilo/chamilo-lms Version: 1.11.14 Tested on: Ubuntu 20.04.2 LTS CVE: CVE-2021-31933 Writeup:...

7.2CVSS7.2AI score0.13933EPSS
Exploits4
Circl
Circl
added 2021/05/14 12:0 a.m.26 views

CVE-2021-31933

creationtimestamp| type| source ---|---|--- 2021-05-14 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49867 2021-05-15 00:46:44+00:00| seen| https://t.me/pwnwikizhchannel/425...

7.2CVSS7AI score0.13933EPSS
Exploits4References2
NVD
NVD
added 2021/04/30 9:15 p.m.16 views

CVE-2021-31933

A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames e.g., .phar or .pht. A remote authenticated administrator is able to upload a file containin...

7.2CVSS0.13933EPSS
Exploits4References4
CVE
CVE
added 2021/04/30 8:49 p.m.180 views

CVE-2021-31933

Chamilo LMS up to version 1.11.14 is affected by CVE-2021-31933 due to improper input sanitization for a file-upload parameter and inadequate file-extension filtering (e.g., .phar/.pht). This allows a remote authenticated administrator to upload a file containing PHP code via main/inc/lib/fileUpl...

7.2CVSS7.4AI score0.13933EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder