Chamilo ≫ Chamilo

Improper sanitisation in `main/inc/lib/fileUpload.lib.php` in Chamilo LMS <= v1.11.20 on Windows and Apache installations allows unauthenticated attackers to bypass file upload security protections and obtain remote code execution via uploading of `....

Path traversal in file upload functionality in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via arbitrary fi...

Command injection in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters. This is a bypass of CVE-2023-34960.

Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code.

A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section.

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel.

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section.

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section.

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section.