CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1CVE-2023-3545 – Chamilo LMS Htaccess File Upload Security Bypass
https://notcve.org/view.php?id=CVE-2023-3545
28 Nov 2023 — Improper sanitisation in `main/inc/lib/fileUpload.lib.php` in Chamilo LMS <= v1.11.20 on Windows and Apache installations allows unauthenticated attackers to bypass file upload security protections and obtain remote code execution via uploading of `.htaccess` file. This vulnerability may be exploited by privileged attackers or chained with unauthenticated arbitrary file write vulnerabilities, such as CVE-2023-3533, to achieve remote code execution. La sanitización inadecuada en `main/inc/lib/fileUpload.lib.... • https://github.com/chamilo/chamilo-lms/commit/dc7bfce429fbd843a95a57c184b6992c4d709549 • CWE-178: Improper Handling of Case Sensitivity •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1CVE-2023-3533 – Chamilo LMS Unauthenticated Remote Code Execution via Arbitrary File Write
https://notcve.org/view.php?id=CVE-2023-3533
28 Nov 2023 — Path traversal in file upload functionality in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via arbitrary file write. Path Traversal en la funcionalidad de carga de archivos en `/main/webservices/additional_webservices.php` en Chamilo LMS en versiones <= 1.11.20 permite a atacantes no autenticados realizar ataques de Cross Site Scripting Almacenados y obtener ejecu... • https://github.com/chamilo/chamilo-lms/commit/37be9ce7243a30259047dd4517c48ff8b21d657a • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 93%CPEs: 1EXPL: 1CVE-2023-3368 – Chamilo LMS Unauthenticated Command Injection
https://notcve.org/view.php?id=CVE-2023-3368
28 Nov 2023 — Command injection in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters. This is a bypass of CVE-2023-34960. Inyección de comando en `/main/webservices/additional_webservices.php` en Chamilo LMS en versiones <= 1.11.20 permite a atacantes no autenticados obtener la ejecución remota de código mediante la neutralización inadecuada de caracteres especiales. Esta es una om... • https://github.com/chamilo/chamilo-lms/commit/37be9ce7243a30259047dd4517c48ff8b21d657a • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39061
https://notcve.org/view.php?id=CVE-2023-39061
21 Aug 2023 — Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code. Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en Chamilo desde v1.11 a v1.11.20 permite a un atacante remoto autenticado ejecutar código arbitrario. • http://chamilo.com • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 84%CPEs: 1EXPL: 7CVE-2023-34960 – Chamilo 1.11.18 Command Injection
https://notcve.org/view.php?id=CVE-2023-34960
01 Aug 2023 — A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name. • https://github.com/YongYe-Security/CVE-2023-34960 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37066
https://notcve.org/view.php?id=CVE-2023-37066
07 Jul 2023 — Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel. • https://github.com/chamilo/chamilo-lms/commit/4f7b5ebf90c35999917c231276e47a4184275690 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37067
https://notcve.org/view.php?id=CVE-2023-37067
07 Jul 2023 — Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section. • https://github.com/chamilo/chamilo-lms/commit/c75ff227bcf00e9f88e9477b78eaeed9e0668905 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37061
https://notcve.org/view.php?id=CVE-2023-37061
07 Jul 2023 — Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section. • https://github.com/chamilo/chamilo-lms/commit/75e9b3e0acac6f7a643da6ff19a00d55a94417a1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37062
https://notcve.org/view.php?id=CVE-2023-37062
07 Jul 2023 — Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition. • https://github.com/chamilo/chamilo-lms/commit/c263933d1d958edee3999820f636c8cb919d03d1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37063
https://notcve.org/view.php?id=CVE-2023-37063
07 Jul 2023 — Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section. • https://github.com/chamilo/chamilo-lms/commit/546a18b0bd1446123f4e29f81f42e71b761f51b7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •