Vulnerabilities > Chamilo

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-01	CVE-2023-39582	SQL Injection vulnerability in Chamilo LMS SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions. network low complexity chamilo CWE-89	4.9
2023-08-21	CVE-2023-39061	Cross-Site Request Forgery (CSRF) vulnerability in Chamilo Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code. network low complexity chamilo CWE-352	3.5
2023-08-01	CVE-2023-34960	Command Injection vulnerability in Chamilo A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name. network low complexity chamilo CWE-77 critical	9.8
2023-07-07	CVE-2023-37061	Cross-site Scripting vulnerability in Chamilo Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section. network low complexity chamilo CWE-79	4.8
2023-07-07	CVE-2023-37062	Cross-site Scripting vulnerability in Chamilo Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition. network low complexity chamilo CWE-79	4.8
2023-07-07	CVE-2023-37063	Cross-site Scripting vulnerability in Chamilo Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section. network low complexity chamilo CWE-79	4.8
2023-07-07	CVE-2023-37064	Cross-site Scripting vulnerability in Chamilo Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section. network low complexity chamilo CWE-79	4.8
2023-07-07	CVE-2023-37065	Cross-site Scripting vulnerability in Chamilo Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section. network low complexity chamilo CWE-79	4.8
2023-07-07	CVE-2023-37066	Cross-site Scripting vulnerability in Chamilo Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel. network low complexity chamilo CWE-79	4.8
2023-07-07	CVE-2023-37067	Cross-site Scripting vulnerability in Chamilo Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section. network low complexity chamilo CWE-79	4.8

Vulnerabilities > Chamilo {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Chamilo"}]}

Vulnerabilities > Chamilo