Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/03/02 3:48 p.m.4 views

CVE-2025-52469 Chamilo: Friend Request Workflow Bypass - Unauthorized Friend Addition and ID Validation Bypass

Chamilo is a learning management system. Prior to version 1.11.30, a logic vulnerability in the friend request workflow of Chamilo’s social network module allows an authenticated user to forcibly add any user as a friend by directly calling the AJAX endpoint. The attacker can bypass the normal fl...

7.1CVSS5.9AI score0.00289EPSS
Exploits1References3
OSV
OSV
added 2026/03/02 3:48 p.m.4 views

CVE-2025-52469 Chamilo: Friend Request Workflow Bypass - Unauthorized Friend Addition and ID Validation Bypass

Chamilo is a learning management system. Prior to version 1.11.30, a logic vulnerability in the friend request workflow of Chamilo’s social network module allows an authenticated user to forcibly add any user as a friend by directly calling the AJAX endpoint. The attacker can bypass the normal fl...

7.1CVSS5.9AI score0.00289EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.8 views

Chamilo 安全漏洞

Chamilo is an open-source learning management system developed by Chamilo. Versions of Chamilo prior to 1.11.30 contained security vulnerabilities. These vulnerabilities stemmed from logical flaws in the friend request workflow of the social networking module, which could allow authenticated user...

7.1CVSS5.8AI score0.00289EPSS
Exploits1References3
OSV
OSV
added 2021/08/23 8:15 p.m.2 views

CVE-2021-22449

There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the target device...

7.5CVSS5.8AI score0.00607EPSS
Exploits0References1
Rows per page
Query Builder