A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.…

Command injection in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20 …

main/inc/ajax/model.ajax.php in Chamilo through 1.11.14 allows SQL Injection via the searchFiel…

A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input s…

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injec…

Path traversal in file upload functionality in `/main/webservices/additional_webservices.php` i…

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injec…

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injec…

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injec…

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS command Injec…

Improper sanitisation in `main/inc/lib/fileUpload.lib.php` in Chamilo LMS <= v1.11.20 on Window…

admin/user_import.php in Chamilo 1.11.x reads XML data without disabling the ability to load ex…

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an O…

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS conta…

Cross-site scripting (XSS) vulnerability in main/dropbox/index.php in Chamilo LMS before 1.8.8.…

chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) vulnerability in /plugin/jcapt…

A zip slip vulnerability in the file upload function of Chamilo v1.11 allows attackers to execu…

A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrar…

Chamilo 1.11.14 allows XSS via a main/calendar/agenda_list.php?type= URI.

Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through …

Chamilo is a learning management system. Chamillo is affected by a post-authentication phar uns…

Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request …

Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which …

Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script.

Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.p…

Chamilo is a learning management system. Prior to version 1.11.30, the application performs ins…

Chamilo is a learning management system. Prior to version 1.11.34, Chamilo LMS is affected by a…

Chamilo is a learning management system. Prior to version 1.11.30, the application performs ins…

Chamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows…

Chamilo is a learning management system. Prior to version 1.11.30, there is a time-based SQL In…

Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL …

Chamilo LMS v1.11.13 was discovered to contain a cross-site scripting (XSS) vulnerability via t…

Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL …

Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload…

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted f…

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user (includin…

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, the default passw…

Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability e…

Chamilo is a learning management system. Prior to version 1.11.30, in the application, deserial…

Chamilo is a learning management system. Prior to version 1.11.30, there is a blind SSRF vulner…