Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-0739
Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script.
Chamilo Chamilo 1.9.4
4.3
CVSSv2
CVE-2021-37389
Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter.
Chamilo Chamilo 1.11.14
4.3
CVSSv2
CVE-2021-37390
A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in main/social/search.php=q URI (social network search feature).
Chamilo Chamilo Lms
3.5
CVSSv2
CVE-2021-37391
A user without privileges in Chamilo LMS 1.11.14 can send an invitation message to another user, e.g., the administrator, through main/social/search.php, main/inc/lib/social.lib.php and steal cookies or execute arbitrary code on the administration side via a stored XSS vulnerabil...
Chamilo Chamilo Lms
5.8
CVSSv2
CVE-2015-5503
Open redirect vulnerability in the Chamilo integration module 7.x-1.x prior to 7.x-1.2 for Drupal allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters.
Chamilo Integration Project Chamilo Integration 7.x-1.1
Chamilo Integration Project Chamilo Integration 7.x-1.0
7.5
CVSSv2
CVE-2019-13082
Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. It extracts a ZIP archive before checking its content, and once it has been extracted, does not check files in a recursive way. This means that by putting a .php ...
Chamilo Chamilo Lms 1.11.8
3.5
CVSSv2
CVE-2018-20328
Chamilo LMS version 1.11.8 contains XSS in main/social/group_view.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of th...
Chamilo Chamilo Lms 1.11.8
5.5
CVSSv2
CVE-2018-20329
Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information.
Chamilo Chamilo Lms 1.11.8
3.5
CVSSv2
CVE-2018-20327
Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebook_list.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk&...
Chamilo Chamilo Lms 1.11.8
4.3
CVSSv2
CVE-2020-23126
Chamilo LMS version 1.11.10 contains an XSS vulnerability in the personal profile edition form, affecting the user him/herself and social network friends.
Chamilo Chamilo Lms 1.11.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »