CVE-2025-40671 SQL injection vulnerability in AES Multimedia's Gestnet

SQL injection vulnerability in AES Multimedia's Gestnet v1.07. This vulnerability allows an attacker to retrieve, create, update and delete databases via the ‘fkremotocentral’ parameter on the ‘/webservices/articles.php’ endpoint...

PT-2023-24446 · Unknown · Chamilo Lms

Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.20 Description: The issue concerns command injection in the /main/webservices/additional webservices.php endpoint, allowing unauthenticated attackers to achieve remote code execution due to improper...