Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-31804
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the course category parameters.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31805
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local authenticated malicious user to execute arbitrary code via the homepage function.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31807
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via a crafted payload to the personal notes function.
Chamilo Chamilo Lms 1.11.18
5.5
CVSSv2
CVE-2018-20329
Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information.
Chamilo Chamilo Lms 1.11.8
NA
CVE-2023-31801
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the skills wheel parameter.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31803
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via the resource sequencing parameters.
Chamilo Chamilo Lms 1.11.18
NA
CVE-2023-31806
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local malicious user to execute arbitrary code via a crafted payload to the My Progress function.
Chamilo Chamilo Lms 1.11.18
4
CVSSv2
CVE-2020-23128
Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.
Chamilo Chamilo Lms 1.11.10
7.5
CVSSv2
CVE-2019-13082
Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. It extracts a ZIP archive before checking its content, and once it has been extracted, does not check files in a recursive way. This means that by putting a .php ...
Chamilo Chamilo Lms 1.11.8
4.3
CVSSv2
CVE-2020-23126
Chamilo LMS version 1.11.10 contains an XSS vulnerability in the personal profile edition form, affecting the user him/herself and social network friends.
Chamilo Chamilo Lms 1.11.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »