2 matches found
CVE-2023-34944
Chamilo LMS vulnerability CVE-2023-34944: Arbitrary code execution via SVG upload in /fileUpload.lib.php on Chamilo 1.11.* up to 1.11.18. Affected component and versions are confirmed; exploitation vector is a crafted SVG file uploaded to the vulnerable endpoint. Impact includes high confidential...
CVE-2023-34944
An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11. up to v1.11.18 allows attackers to execute arbitrary code via uploading a crafted SVG file...