CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30616
https://notcve.org/view.php?id=CVE-2024-30616
04 Nov 2024 — Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin users can manipulate sensitive profiles information, posing a significant risk to data integrity. • https://github.com/bahadoumi/Vulnerability-Research/tree/main/CVE-2024-30616 • CWE-863: Incorrect Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30617
https://notcve.org/view.php?id=CVE-2024-30617
04 Nov 2024 — A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php," allows attackers to initiate a request that posts a fake post onto the user's social wall without their consent or knowledge. • https://github.com/bahadoumi/Vulnerability-Research/tree/main/CVE-2024-30617 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30618
https://notcve.org/view.php?id=CVE-2024-30618
04 Nov 2024 — A Stored Cross-Site Scripting (XSS) Vulnerability in Chamilo LMS 1.11.26 allows a remote attacker to execute arbitrary JavaScript in a web browser by including a malicious payload in the 'content' parameter of 'group_topics.php'. • https://github.com/bahadoumi/Vulnerability-Research/tree/main/CVE-2024-30618 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30619
https://notcve.org/view.php?id=CVE-2024-30619
04 Nov 2024 — Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker can request the number of messages and the number of online users via "/main/inc/ajax/message.ajax.php?a=get_count_message" AND "/main/inc/ajax/online.ajax.php?a=get_users_online." • https://github.com/bahadoumi/Vulnerability-Research/tree/main/CVE-2024-30619 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27524
https://notcve.org/view.php?id=CVE-2024-27524
01 Nov 2024 — Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the new_ticket.php component. • https://github.com/chamilo/chamilo-lms/commit/53275c152275958b33a1f87a21843daa52fb543a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27525
https://notcve.org/view.php?id=CVE-2024-27525
01 Nov 2024 — Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the home.php component. • https://github.com/chamilo/chamilo-lms/commit/a63e03ef961e7bf2dab56f4ede6f87edef40ba0c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4225 – Chamilo LMS File Upload Functionality Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-4225
28 Nov 2023 — Unrestricted file upload in `/main/inc/ajax/exercise.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. La carga de archivos sin restricciones en `/main/inc/ajax/exercise.ajax.php` en Chamilo LMS en versiones <= 1.11.24 permite a atacantes autenticados con rol de aprendizaje obtener la ejecución remota de código mediante la carga de archivos PHP. • https://github.com/chamilo/chamilo-lms/commit/6f32625a012d5de2dfe8edbccb4ed14a85e310d4 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2CVE-2023-4226 – Chamilo LMS File Upload Functionality Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-4226
28 Nov 2023 — Unrestricted file upload in `/main/inc/ajax/work.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. La carga de archivos sin restricciones en `/main/inc/ajax/work.ajax.php` en Chamilo LMS en versiones <= 1.11.24 permite a atacantes autenticados con rol de aprendizaje obtener la ejecución remota de código mediante la carga de archivos PHP. • https://github.com/krishnan-tech/CVE-2023-4226-POC • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4224 – Chamilo LMS File Upload Functionality Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-4224
28 Nov 2023 — Unrestricted file upload in `/main/inc/ajax/dropbox.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. La carga de archivos sin restricciones en `/main/inc/ajax/dropbox.ajax.php` en Chamilo LMS en versiones <= 1.11.24 permite a atacantes autenticados con rol de aprendizaje obtener la ejecución remota de código mediante la carga de archivos PHP. • https://github.com/chamilo/chamilo-lms/commit/6f32625a012d5de2dfe8edbccb4ed14a85e310d4 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4223 – Chamilo LMS File Upload Functionality Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-4223
28 Nov 2023 — Unrestricted file upload in `/main/inc/ajax/document.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. La carga de archivos sin restricciones en `/main/inc/ajax/document.ajax.php` en Chamilo LMS en versiones <= 1.11.24 permite a atacantes autenticados con rol de aprendizaje obtener la ejecución remota de código mediante la carga de archivos PHP. • https://github.com/chamilo/chamilo-lms/commit/3d74fb7d99bd2e287730552f7a66562417a55047 • CWE-434: Unrestricted Upload of File with Dangerous Type •