Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-23127
Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user.
Chamilo Chamilo Lms 1.11.10
4
CVSSv2
CVE-2020-23128
Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.
Chamilo Chamilo Lms 1.11.10
NA
CVE-2023-31799
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the system annnouncements parameter.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31800
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the forum title parameter.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31801
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the skills wheel parameter.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31802
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the skype and linedin_url parameters.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31803
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the resource sequencing parameters.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31804
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the course category parameters.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31805
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local authenticated malicious user to execute arbitrary code via the homepage function.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31806
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via a crafted payload to the My Progress function.
Chamilo Chamilo Lms 1.11.18
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »