Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chamilo chamilo lms vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-1000015
Chamilo Chamilo-lms version 1.11.8 and previous versions contains a Cross Site Scripting (XSS) vulnerability in main/messages/new_message.php, main/social/personal_data.php, main/inc/lib/TicketManager.php, main/ticket/ticket_details.php that can result in a message being sent to ...
Chamilo Chamilo Lms
356
VMScore
CVE-2019-1000017
Chamilo Chamilo-lms version 1.11.8 and previous versions contains an Incorrect Access Control vulnerability in Tickets component that can result in an authenticated user can read all tickets available on the platform, due to lack of access controls. This attack appears to be expl...
Chamilo Chamilo Lms
312
VMScore
CVE-2021-35415
A stored cross-site scripting (XSS) vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the course "Title" and "Content" fields.
Chamilo Chamilo Lms
534
VMScore
CVE-2021-35413
A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo LMS v1.11.x allows authenticated malicious users to execute arbitrary code via a crafted .htaccess file.
Chamilo Chamilo Lms
NA
CVE-2023-34962
Incorrect access control in Chamilo v1.11.x up to v1.11.18 allows a student to arbitrarily access and modify another student's personal notes.
Chamilo Chamilo Lms
570
VMScore
CVE-2012-4030
Chamilo prior to 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote malicious users to delete arbitrary files.
Chamilo Chamilo Lms
NA
CVE-2023-39582
SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged malicious user to obtain sensitive information via the import sessions functions.
Chamilo Chamilo Lms
578
VMScore
CVE-2022-27421
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing malicious users to escalate privileges to Platform Admin.
Chamilo Chamilo Lms
383
VMScore
CVE-2022-27422
A reflected cross-site scripting (XSS) vulnerability in Chamilo LMS v1.11.13 allows malicious users to execute arbitrary web scripts or HTML via user interaction with a crafted URL.
Chamilo Chamilo Lms
668
VMScore
CVE-2022-27423
Chamilo LMS v1.11.13 exists to contain a SQL injection vulnerability via the blog_id parameter at /blog/blog.php.
Chamilo Chamilo Lms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »