Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo chamilo vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-4220
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated malicious users to perform stored cross-site scripting attacks and obtain remote code execution via uploading o...
Chamilo Chamilo Lms
6.1
CVSSv3
CVE-2023-34961
Chamilo v1.11.x up to v1.11.18 exists to contain a cross-site scripting (XSS) vulnerability via the /feedback/comment field.
Chamilo Chamilo Lms
6.1
CVSSv3
CVE-2023-31801
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the skills wheel parameter.
Chamilo Chamilo Lms 1.11.18
6.1
CVSSv3
CVE-2022-27422
A reflected cross-site scripting (XSS) vulnerability in Chamilo LMS v1.11.13 allows malicious users to execute arbitrary web scripts or HTML via user interaction with a crafted URL.
Chamilo Chamilo Lms
6.1
CVSSv3
CVE-2022-27425
Chamilo LMS v1.11.13 exists to contain a cross-site scripting (XSS) vulnerability via the component /blog/blog.php.
Chamilo Chamilo
6.1
CVSSv3
CVE-2021-43687
chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) vulnerability in /plugin/jcapture/applet.php if an attacker passes a message hex2bin in the cookie.
Chamilo Chamilo 1.11.14
6.1
CVSSv3
CVE-2020-23126
Chamilo LMS version 1.11.10 contains an XSS vulnerability in the personal profile edition form, affecting the user him/herself and social network friends.
Chamilo Chamilo Lms 1.11.10
6.1
CVSSv3
CVE-2021-37390
A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in main/social/search.php=q URI (social network search feature).
Chamilo Chamilo Lms
6.1
CVSSv3
CVE-2021-37389
Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter.
Chamilo Chamilo 1.11.14
6.1
CVSSv3
CVE-2021-26746
Chamilo 1.11.14 allows XSS via a main/calendar/agenda_list.php?type= URI.
Chamilo Chamilo 1.11.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »