Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo chamilo lms vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2013-6787
SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and previous versions, when using the non-encrypted passwords mode set at installation, allows remote authenticated users to execute arbitrary SQL commands via the "...
Chamilo Chamilo Lms 1.8.8.4
Chamilo Chamilo Lms 1.8.8.2
Chamilo Chamilo Lms 1.8.7.1
Chamilo Chamilo Lms 1.8.7
Chamilo Chamilo Lms
Chamilo Chamilo Lms 1.9.4
Chamilo Chamilo Lms 1.9.0
Chamilo Chamilo Lms 1.9.2
Chamilo Chamilo Lms 1.8.8.6
Chamilo Chamilo Lms 1.8.6.2
1 EDB exploit
668
VMScore
CVE-2018-1999019
Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request...
Chamilo Chamilo Lms 1.11.0
Chamilo Chamilo Lms 1.11.6
Chamilo Chamilo Lms 1.11.8
Chamilo Chamilo Lms 1.11.4
Chamilo Chamilo Lms 1.11.2
383
VMScore
CVE-2019-1000015
Chamilo Chamilo-lms version 1.11.8 and previous versions contains a Cross Site Scripting (XSS) vulnerability in main/messages/new_message.php, main/social/personal_data.php, main/inc/lib/TicketManager.php, main/ticket/ticket_details.php that can result in a message being sent to ...
Chamilo Chamilo Lms
356
VMScore
CVE-2019-1000017
Chamilo Chamilo-lms version 1.11.8 and previous versions contains an Incorrect Access Control vulnerability in Tickets component that can result in an authenticated user can read all tickets available on the platform, due to lack of access controls. This attack appears to be expl...
Chamilo Chamilo Lms
NA
CVE-2023-34944
An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11.* up to v1.11.18 allows malicious users to execute arbitrary code via uploading a crafted SVG file.
Chamilo Chamilo Lms
NA
CVE-2023-34958
Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID.
Chamilo Chamilo Lms
NA
CVE-2023-34959
An issue in Chamilo v1.11.* up to v1.11.18 allows malicious users to execute a Server-Side Request Forgery (SSRF) and obtain information on the services running on the server via crafted requests in the social and links tools.
Chamilo Chamilo Lms
NA
CVE-2023-34961
Chamilo v1.11.x up to v1.11.18 exists to contain a cross-site scripting (XSS) vulnerability via the /feedback/comment field.
Chamilo Chamilo Lms
NA
CVE-2023-34962
Incorrect access control in Chamilo v1.11.x up to v1.11.18 allows a student to arbitrarily access and modify another student's personal notes.
Chamilo Chamilo Lms
383
VMScore
CVE-2021-37390
A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in main/social/search.php=q URI (social network search feature).
Chamilo Chamilo Lms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »