8.8
CVE-2026-33704
- EPSS 0.42%
- Veröffentlicht 10.04.2026 18:30:48
- Zuletzt bearbeitet 16.04.2026 18:34:15
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
Chamilo LMS Affected by Authenticated Arbitrary File Write via BigUpload endpoint
Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user (including students) can write arbitrary content to files on the server via the BigUpload endpoint. The key parameter controls the filename and the raw POST body becomes the file content. While .php extensions are filtered to .phps, the .pht extension passes through unmodified. On Apache configurations where .pht is handled as PHP, this leads to Remote Code Execution. This vulnerability is fixed in 1.11.38.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Chamilo ≫ Chamilo Lms Version < 1.11.38
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.334 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| security-advisories@github.com | 7.1 | 2.8 | 4.2 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
|
CWE-434 Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-phfx-pwwg-945v
https://github.com/chamilo/chamilo-lms/commit/9748f1ffbdb8b6dc84c0e0591c9d3c1d92e21c00