CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-23126
https://notcve.org/view.php?id=CVE-2020-23126
03 Nov 2021 — Chamilo LMS version 1.11.10 contains an XSS vulnerability in the personal profile edition form, affecting the user him/herself and social network friends. Chamilo LMS versión 1.11.10, contiene una vulnerabilidad de tipo XSS en el formulario de edición del perfil personal, que afecta al propio usuario y a los amigos de la red social • https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-42-2020-04-23-High-risk-low-impact-XSS-in-extended-users-profile-fields • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-37390
https://notcve.org/view.php?id=CVE-2021-37390
10 Aug 2021 — A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in main/social/search.php=q URI (social network search feature). Se presenta una vulnerabilidad de tipo XSS reflejado en Chamilo LMS versión 1.11.14, en la función main/social/search.php=q URI (funcionalidad de búsqueda en redes sociales) • https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chamilo-lms-1.11.14-xss-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2021-37391 – Chamilo LMS 1.11.14 - Account Takeover
https://notcve.org/view.php?id=CVE-2021-37391
10 Aug 2021 — A user without privileges in Chamilo LMS 1.11.14 can send an invitation message to another user, e.g., the administrator, through main/social/search.php, main/inc/lib/social.lib.php and steal cookies or execute arbitrary code on the administration side via a stored XSS vulnerability via social network the send invitation feature. Un usuario sin privilegios en Chamilo LMS versión 1.11.14, puede enviar un mensaje de invitación a otro usuario, por ejemplo, el administrador, mediante los archivos main/social/se... • https://www.exploit-db.com/exploits/50694 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2020-23128
https://notcve.org/view.php?id=CVE-2020-23128
05 May 2021 — Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege. Chamilo LMS versión 1.11.10, no administra apropiadamente los privilegios que podrían permitir a un usuario con privilegios de administrador de Sesiones crear un nuevo usuario y luego usar la función edit user para cambiar este nuevo usuario a privilegio de administrador • https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-41-2020-04-22-Medium-risk-high-impact-CSRF-and-privilege-escalation-via-CSRF • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2020-23127
https://notcve.org/view.php?id=CVE-2020-23127
05 May 2021 — Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user. Chamilo LMS versión 1.11.10, está afectado por una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) por medio de la función edit_user al apuntar a un usuario administrador • https://github.com/patrickhalasik/cve-2020-23127-PoC • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-9540
https://notcve.org/view.php?id=CVE-2015-9540
04 Jan 2020 — Chamilo LMS through 1.9.10.2 allows a link_goto.php?link_url= open redirect, a related issue to CVE-2015-5503. Chamilo LMS versiones hasta la versión 1.9.10.2, permite un redireccionamiento abierto de link_goto.php?link_url=, un problema relacionado con CVE-2015-5503. • https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-18-2015-05-02-Low-Moderate-risk-URL-hijackingspoofing • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-13082
https://notcve.org/view.php?id=CVE-2019-13082
30 Jun 2019 — Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. It extracts a ZIP archive before checking its content, and once it has been extracted, does not check files in a recursive way. This means that by putting a .php file in a folder and then this folder in a ZIP archive, the server will accept this file without any checks. Because one can access this file from the website, it is remote code execution. This is related to a scorm imsmanifest.xml ... • https://0xecute.com/?p=32 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-1000017
https://notcve.org/view.php?id=CVE-2019-1000017
04 Feb 2019 — Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect Access Control vulnerability in Tickets component that can result in an authenticated user can read all tickets available on the platform, due to lack of access controls. This attack appears to be exploitable via ticket_id=[ticket number]. This vulnerability appears to have been fixed in 1.11.x after commit 33e2692a37b5b6340cf5bec1a84e541460983c03. Chamilo Chamilo-lms, en versiones 1.11.8 y anteriores, contiene una vulnerabilidad de contro... • https://github.com/chamilo/chamilo-lms/commit/33e2692a37b5b6340cf5bec1a84e541460983c03 • CWE-862: Missing Authorization •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-1000015
https://notcve.org/view.php?id=CVE-2019-1000015
04 Feb 2019 — Chamilo Chamilo-lms version 1.11.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in main/messages/new_message.php, main/social/personal_data.php, main/inc/lib/TicketManager.php, main/ticket/ticket_details.php that can result in a message being sent to the Administrator with the XSS to steal cookies. A ticket can be created with a XSS payload in the subject field. This attack appears to be exploitable via
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-20327
https://notcve.org/view.php?id=CVE-2018-20327
21 Dec 2018 — Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebook_list.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators. This is considered "low risk" due to the nature of the feature it exploits. Chamilo LMS 1.11.8 contiene Cross-Site Scripting (XSS) en main/template/default/admin/gradebook_list.tpl en la herramienta de dependencias del gradebook, lo que permite que usuarios autentic... • https://github.com/chamilo/chamilo-lms/commit/814049e5bd5317d761dda0ebbbc519cb2a64ab6c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •