Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo chamilo vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2012-4029
Cross-site scripting (XSS) vulnerability in main/dropbox/index.php in Chamilo LMS prior to 1.8.8.6 allows remote malicious users to inject arbitrary web script or HTML via the category_name parameter in an addsentcategory action.
Chamilo Chamilo
6.1
CVSSv3
CVE-2013-0738
Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php.
Chamilo Chamilo 1.9.4
6.1
CVSSv3
CVE-2013-0739
Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script.
Chamilo Chamilo 1.9.4
6.1
CVSSv3
CVE-2015-9540
Chamilo LMS up to and including 1.9.10.2 allows a link_goto.php?link_url= open redirect, a related issue to CVE-2015-5503.
Chamilo Chamilo Lms
6.1
CVSSv3
CVE-2019-1000015
Chamilo Chamilo-lms version 1.11.8 and previous versions contains a Cross Site Scripting (XSS) vulnerability in main/messages/new_message.php, main/social/personal_data.php, main/inc/lib/TicketManager.php, main/ticket/ticket_details.php that can result in a message being sent to ...
Chamilo Chamilo Lms
5.4
CVSSv3
CVE-2023-31800
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the forum title parameter.
Chamilo Chamilo Lms 1.11.18
5.4
CVSSv3
CVE-2023-31802
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the skype and linedin_url parameters.
Chamilo Chamilo Lms 1.11.18
5.4
CVSSv3
CVE-2023-31804
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the course category parameters.
Chamilo Chamilo Lms 1.11.18
5.4
CVSSv3
CVE-2023-31807
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via a crafted payload to the personal notes function.
Chamilo Chamilo Lms 1.11.18
5.4
CVSSv3
CVE-2023-31806
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via a crafted payload to the My Progress function.
Chamilo Chamilo Lms 1.11.18
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »