Chamilo: >> Chamilo Lms Security Vulnerabilities
SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and earlier, when using the non-encrypted passwords mode set at installation, allows remote authenticated users to execute arbitrary SQL commands via the "password0" parameter.
CVSS Score
6.0
EPSS Score
0.004
Published
2013-12-05
Page 6