Vulnerabilities > Chamilo > Chamilo LMS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-30 | CVE-2019-13082 | Unrestricted Upload of File with Dangerous Type vulnerability in Chamilo LMS 1.11.8 Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. | 7.5 |
| 2018-07-23 | CVE-2018-1999019 | Code Injection vulnerability in Chamilo LMS Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. | 7.5 |