Lucene search
K

6 matches found

OSV
OSV
added 2026/04/10 6:59 p.m.2 views

CVE-2026-33710 Chamilo LMS has Weak REST API Key Generation (Predictable)

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, REST API keys are generated using md5time + userid 5 - rand10000, 10000. The rand10000, 10000 call always returns exactly 10000 min == max, making the formula effectively md5timestamp + userid5 - 10000. An attacker who...

7.5CVSS6AI score0.00288EPSS
Exploits0References5
NVD
NVD
added 2026/04/10 6:16 p.m.6 views

CVE-2026-32931

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload a PHP webshell by spoofing the Content-Type header to audio/mpeg. The uploaded file retains its...

8.8CVSS0.00495EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/10 5:50 p.m.26 views

CVE-2026-32931 Chamilo LMS has Arbitrary File Upload via MIME-Only Validation in Exercise Sound Upload Leads to RCE

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload a PHP webshell by spoofing the Content-Type header to audio/mpeg. The uploaded file retains its...

7.5CVSS0.00495EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/10 5:44 p.m.2 views

CVE-2026-32894 Chamilo LMS has an IDOR in Gradebook Allows Cross-Course Deletion of Any Student's Grade Result

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Object Reference IDOR vulnerability in the gradebook result view page allows any authenticated teacher to delete any student's grade result across the entire platform by manipulating the deletemark or...

7.1CVSS5.8AI score0.0028EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/10 5:35 p.m.3 views

CVE-2026-31940 Session Fixation in Chamilo LMS

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, in main/lp/aicchacp.php, user-controlled request parameters are directly used to set the PHP session ID before loading global bootstrap. This leads to session fixation. This vulnerability is fixed in 1.11.38 and...

7.5CVSS5.8AI score0.0024EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.8 views

Chamilo LMS 操作系统命令注入漏洞

Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS prior to 1.11.38 and 2.0.0-RC.3 contained a vulnerability related to OS command injectio...

9.1CVSS5.9AI score0.01527EPSS
Exploits0References4
Rows per page
Query Builder