Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo chamilo vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-9540
Chamilo LMS up to and including 1.9.10.2 allows a link_goto.php?link_url= open redirect, a related issue to CVE-2015-5503.
Chamilo Chamilo Lms
4.9
CVSSv3
CVE-2023-39582
SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged malicious user to obtain sensitive information via the import sessions functions.
Chamilo Chamilo Lms
9.8
CVSSv3
CVE-2021-35414
Chamilo LMS v1.11.x exists to contain a SQL injection via the doc parameter in main/plagiarism/compilatio/upload.php.
Chamilo Chamilo Lms
6.5
CVSSv3
CVE-2019-1000017
Chamilo Chamilo-lms version 1.11.8 and previous versions contains an Incorrect Access Control vulnerability in Tickets component that can result in an authenticated user can read all tickets available on the platform, due to lack of access controls. This attack appears to be expl...
Chamilo Chamilo Lms
NA
CVE-2015-5503
Open redirect vulnerability in the Chamilo integration module 7.x-1.x prior to 7.x-1.2 for Drupal allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters.
Chamilo Integration Project Chamilo Integration 7.x-1.1
Chamilo Integration Project Chamilo Integration 7.x-1.0
5.4
CVSSv3
CVE-2018-20327
Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebook_list.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk&...
Chamilo Chamilo Lms 1.11.8
4.8
CVSSv3
CVE-2023-31799
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the system annnouncements parameter.
Chamilo Chamilo Lms 1.11.18
5.4
CVSSv3
CVE-2023-31800
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the forum title parameter.
Chamilo Chamilo Lms 1.11.18
6.1
CVSSv3
CVE-2023-31801
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the skills wheel parameter.
Chamilo Chamilo Lms 1.11.18
5.4
CVSSv3
CVE-2023-31802
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the skype and linedin_url parameters.
Chamilo Chamilo Lms 1.11.18
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »