Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37062
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition.
Chamilo Chamilo
NA
CVE-2023-37063
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section.
Chamilo Chamilo
NA
CVE-2023-37064
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section.
Chamilo Chamilo
NA
CVE-2023-37065
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section.
Chamilo Chamilo
NA
CVE-2023-37066
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel.
Chamilo Chamilo
NA
CVE-2023-37067
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section.
Chamilo Chamilo
6.5
CVSSv2
CVE-2021-31933
A remote code execution vulnerability exists in Chamilo up to and including 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames (e.g., .phar or .pht). A remote authenticated administrator is ...
Chamilo Chamilo
NA
CVE-2023-34960
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows malicious users to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
Chamilo Chamilo
1 Metasploit module
8 Github repositories
NA
CVE-2023-3545
Improper sanitisation in `main/inc/lib/fileUpload.lib.php` in Chamilo LMS <= v1.11.20 on Windows and Apache installations allows unauthenticated malicious users to bypass file upload security protections and obtain remote code execution via uploading of `.htaccess` file. This ...
Chamilo Chamilo
5.8
CVSSv2
CVE-2015-5503
Open redirect vulnerability in the Chamilo integration module 7.x-1.x prior to 7.x-1.2 for Drupal allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters.
Chamilo Integration Project Chamilo Integration 7.x-1.0
Chamilo Integration Project Chamilo Integration 7.x-1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »