Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo chamilo 1.11 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-34944
An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11.* up to v1.11.18 allows malicious users to execute arbitrary code via uploading a crafted SVG file.
Chamilo Chamilo Lms
8.8
CVSSv3
CVE-2022-40407
A zip slip vulnerability in the file upload function of Chamilo v1.11 allows malicious users to execute arbitrary code via a crafted Zip file.
Chamilo Chamilo 1.11
6.5
CVSSv3
CVE-2021-32925
admin/user_import.php in Chamilo 1.11.x reads XML data without disabling the ability to load external entities.
Chamilo Chamilo
6.5
CVSSv3
CVE-2019-1000017
Chamilo Chamilo-lms version 1.11.8 and previous versions contains an Incorrect Access Control vulnerability in Tickets component that can result in an authenticated user can read all tickets available on the platform, due to lack of access controls. This attack appears to be expl...
Chamilo Chamilo Lms
6.1
CVSSv3
CVE-2019-1000015
Chamilo Chamilo-lms version 1.11.8 and previous versions contains a Cross Site Scripting (XSS) vulnerability in main/messages/new_message.php, main/social/personal_data.php, main/inc/lib/TicketManager.php, main/ticket/ticket_details.php that can result in a message being sent to ...
Chamilo Chamilo Lms
4.9
CVSSv3
CVE-2023-39582
SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged malicious user to obtain sensitive information via the import sessions functions.
Chamilo Chamilo Lms
4.8
CVSSv3
CVE-2023-37061
Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section.
Chamilo Chamilo
4.8
CVSSv3
CVE-2023-37062
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition.
Chamilo Chamilo
4.8
CVSSv3
CVE-2023-37063
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section.
Chamilo Chamilo
4.8
CVSSv3
CVE-2023-37064
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section.
Chamilo Chamilo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »