Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-31933
A remote code execution vulnerability exists in Chamilo up to and including 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames (e.g., .phar or .pht). A remote authenticated administrator is ...
Chamilo Chamilo
NA
CVE-2023-37061
Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section.
Chamilo Chamilo
NA
CVE-2023-37062
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition.
Chamilo Chamilo
NA
CVE-2023-37063
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section.
Chamilo Chamilo
NA
CVE-2023-37064
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section.
Chamilo Chamilo
NA
CVE-2023-37066
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel.
Chamilo Chamilo
NA
CVE-2023-37067
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section.
Chamilo Chamilo
4.3
CVSSv2
CVE-2022-27425
Chamilo LMS v1.11.13 exists to contain a cross-site scripting (XSS) vulnerability via the component /blog/blog.php.
Chamilo Chamilo
4.3
CVSSv2
CVE-2012-4029
Cross-site scripting (XSS) vulnerability in main/dropbox/index.php in Chamilo LMS prior to 1.8.8.6 allows remote malicious users to inject arbitrary web script or HTML via the category_name parameter in an addsentcategory action.
Chamilo Chamilo
NA
CVE-2022-40407
A zip slip vulnerability in the file upload function of Chamilo v1.11 allows malicious users to execute arbitrary code via a crafted Zip file.
Chamilo Chamilo 1.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »