Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6787
SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and previous versions, when using the non-encrypted passwords mode set at installation, allows remote authenticated users to execute arbitrary SQL commands via the "...
Chamilo Chamilo Lms 1.8.8.4
Chamilo Chamilo Lms 1.8.8.2
Chamilo Chamilo Lms 1.8.7.1
Chamilo Chamilo Lms 1.8.7
Chamilo Chamilo Lms
Chamilo Chamilo Lms 1.9.4
Chamilo Chamilo Lms 1.9.0
Chamilo Chamilo Lms 1.9.2
Chamilo Chamilo Lms 1.8.8.6
Chamilo Chamilo Lms 1.8.6.2
1 EDB exploit
9.8
CVSSv3
CVE-2018-1999019
Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request...
Chamilo Chamilo Lms 1.11.0
Chamilo Chamilo Lms 1.11.6
Chamilo Chamilo Lms 1.11.8
Chamilo Chamilo Lms 1.11.4
Chamilo Chamilo Lms 1.11.2
4.8
CVSSv3
CVE-2023-37061
Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section.
Chamilo Chamilo
4.8
CVSSv3
CVE-2023-37062
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition.
Chamilo Chamilo
4.8
CVSSv3
CVE-2023-37063
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section.
Chamilo Chamilo
4.8
CVSSv3
CVE-2023-37064
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section.
Chamilo Chamilo
4.8
CVSSv3
CVE-2023-37065
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section.
Chamilo Chamilo
4.8
CVSSv3
CVE-2023-37066
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel.
Chamilo Chamilo
4.8
CVSSv3
CVE-2023-37067
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section.
Chamilo Chamilo
9.8
CVSSv3
CVE-2023-3533
Path traversal in file upload functionality in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20 allows unauthenticated malicious users to perform stored cross-site scripting attacks and obtain remote code execution via arbitrary file write.
Chamilo Chamilo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »