Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-1000015
Chamilo Chamilo-lms version 1.11.8 and previous versions contains a Cross Site Scripting (XSS) vulnerability in main/messages/new_message.php, main/social/personal_data.php, main/inc/lib/TicketManager.php, main/ticket/ticket_details.php that can result in a message being sent to ...
Chamilo Chamilo Lms
4
CVSSv2
CVE-2019-1000017
Chamilo Chamilo-lms version 1.11.8 and previous versions contains an Incorrect Access Control vulnerability in Tickets component that can result in an authenticated user can read all tickets available on the platform, due to lack of access controls. This attack appears to be expl...
Chamilo Chamilo Lms
4.3
CVSSv2
CVE-2013-0739
Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script.
Chamilo Chamilo 1.9.4
4.3
CVSSv2
CVE-2021-26746
Chamilo 1.11.14 allows XSS via a main/calendar/agenda_list.php?type= URI.
Chamilo Chamilo 1.11.14
6.4
CVSSv2
CVE-2012-4030
Chamilo prior to 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote malicious users to delete arbitrary files.
Chamilo Chamilo Lms
4.6
CVSSv2
CVE-2021-38745
Chamilo LMS v1.11.14 exists to contain a zero click code injection vulnerability which allows malicious users to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page.
Chamilo Chamilo 1.11.14
7.5
CVSSv2
CVE-2021-35414
Chamilo LMS v1.11.x exists to contain a SQL injection via the doc parameter in main/plagiarism/compilatio/upload.php.
Chamilo Chamilo Lms
4.3
CVSSv2
CVE-2021-43687
chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) vulnerability in /plugin/jcapture/applet.php if an attacker passes a message hex2bin in the cookie.
Chamilo Chamilo 1.11.14
4.3
CVSSv2
CVE-2021-37390
A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in main/social/search.php=q URI (social network search feature).
Chamilo Chamilo Lms
4.3
CVSSv2
CVE-2021-37389
Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter.
Chamilo Chamilo 1.11.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »