RSS   Podatności dla 'Chamilo lms'   RSS

2021-12-03
 
CVE-2021-35413

CWE-94
 

 
A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo LMS v1.11.x allows authenticated attackers to execute arbitrary code via a crafted .htaccess file.

 
 
CVE-2021-35414

CWE-89
 

 
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main/plagiarism/compilatio/upload.php.

 
 
CVE-2021-35415

CWE-79
 

 
A stored cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the course "Title" and "Content" fields.

 
2021-11-03
 
CVE-2020-23126

CWE-79
 

 
Chamilo LMS version 1.11.10 contains an XSS vulnerability in the personal profile edition form, affecting the user him/herself and social network friends.

 
2021-08-10
 
CVE-2021-37390

CWE-79
 

 
A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in main/social/search.php=q URI (social network search feature).

 
2021-05-06
 
CVE-2020-23127

CWE-352
 

 
Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user.

 
 
CVE-2020-23128

CWE-269
 

 
Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.

 
2020-01-10
 
CVE-2012-4030

CWE-20
 

 
Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files.

 
2020-01-04
 
CVE-2015-9540

CWE-601
 

 
Chamilo LMS through 1.9.10.2 allows a link_goto.php?link_url= open redirect, a related issue to CVE-2015-5503.

 
2019-06-30
 
CVE-2019-13082

CWE-434
 

 
Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. It extracts a ZIP archive before checking its content, and once it has been extracted, does not check files in a recursive way. This means that by putting a .php file in a folder and then this folder in a ZIP archive, the server will accept this file without any checks. Because one can access this file from the website, it is remote code execution. This is related to a scorm imsmanifest.xml file, the import_package function, and extraction in $courseSysDir.$newDir.

 


Copyright 2024, cxsecurity.com

 

Back to Top