CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Chamilo: >> Chamilo Lms >> 1.11.20 Security Vulnerabilities

CVE-2023-4221

Command injection in `main/lp/openoffice_presentation.class.php` in Chamilo LMS <= v1.11.24 allows users permitted to upload Learning Paths to obtain remote code execution via improper neutralisation of special characters.

CVSS Score

7.2

EPSS Score

0.019

Published

2023-11-28

CVE-2023-39582

SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions.

CVSS Score

4.9

EPSS Score

0.001

Published

2023-09-01

Page 8

Vulnerabilities

Vulnerable Software

Chamilo: >> Chamilo Lms >> 1.11.20 Security Vulnerabilities

Products

Pricing

Contact Us