Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo chamilo vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2013-0738
Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php.
Chamilo Chamilo 1.9.4
6.1
CVSSv3
CVE-2013-0739
Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script.
Chamilo Chamilo 1.9.4
6.1
CVSSv3
CVE-2022-27422
A reflected cross-site scripting (XSS) vulnerability in Chamilo LMS v1.11.13 allows malicious users to execute arbitrary web scripts or HTML via user interaction with a crafted URL.
Chamilo Chamilo Lms
9.8
CVSSv3
CVE-2022-27423
Chamilo LMS v1.11.13 exists to contain a SQL injection vulnerability via the blog_id parameter at /blog/blog.php.
Chamilo Chamilo Lms
8.8
CVSSv3
CVE-2022-27426
A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows malicious users to enumerate the internal network and execute arbitrary system commands via a crafted Phar file.
Chamilo Chamilo Lms
6.1
CVSSv3
CVE-2015-9540
Chamilo LMS up to and including 1.9.10.2 allows a link_goto.php?link_url= open redirect, a related issue to CVE-2015-5503.
Chamilo Chamilo Lms
6.1
CVSSv3
CVE-2021-37389
Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter.
Chamilo Chamilo 1.11.14
8.8
CVSSv3
CVE-2022-40407
A zip slip vulnerability in the file upload function of Chamilo v1.11 allows malicious users to execute arbitrary code via a crafted Zip file.
Chamilo Chamilo 1.11
4.9
CVSSv3
CVE-2023-39582
SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged malicious user to obtain sensitive information via the import sessions functions.
Chamilo Chamilo Lms
4.3
CVSSv3
CVE-2023-34958
Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID.
Chamilo Chamilo Lms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »