3 matches found
CVE-2023-4224 Chamilo LMS File Upload Functionality Remote Code Execution
Unrestricted file upload in /main/inc/ajax/dropbox.ajax.php in Chamilo LMS = v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files...
CVE-2023-4224
CVE-2023-4224 affects Chamilo LMS up to version 1.11.24, via an unrestricted file upload in /main/inc/ajax/dropbox.ajax.php. Authenticated users with learner role can upload PHP files, enabling remote code execution. The vulnerability is documented in OSV/NVD entries for Chamilo LMS; no additiona...
CVE-2023-4224 Chamilo LMS File Upload Functionality Remote Code Execution
Unrestricted file upload in /main/inc/ajax/dropbox.ajax.php in Chamilo LMS = v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files...