Chamilo Lms Security Vulnerabilities and Issues — Chamilo Lms CVE List

Lucene search

ChamiloChamilo Lms

3 matches found

CVE•added 2021/12/03 10:15 p.m.•52 views

CVE-2021-35413

A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo LMS v1.11.x allows authenticated attackers to execute arbitrary code via a crafted .htaccess file.

8.8CVSS8.8AI score0.03237EPSS

CVE•added 2021/12/03 10:15 p.m.•38 views

CVE-2021-35414

Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main/plagiarism/compilatio/upload.php.

9.8CVSS9.8AI score0.02202EPSS

CVE•added 2021/12/03 10:15 p.m.•35 views

CVE-2021-35415

A stored cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the course "Title" and "Content" fields.

4.8CVSS4.9AI score0.0061EPSS