漏洞描述
Chamilo是一款可供用户免费下载的学习管理软件,该软件存在命令执行漏洞,可执行任意系统命令
Chamilo LMS 存在命令执行漏洞(CVE-2023-3368)
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-34187: Chamilo model.ajax.php - SQL Injection
- POC CVE-2023-3368: Chamilo LMS <= v1.11.20 Unauthenticated Command Injection
- POC CVE-2023-34960: Chamilo Command Injection
- POC CVE-2023-4220: Chamilo LMS <= 1.11.24 - Remote Code Execution
- POC CVE-2023-34960: Chamilo Command Injection
- POC chamilo-installer: Chamilo Installer Exposure
- POC chamilo-lms-sqli: Chamilo 1.11.14 - SQL Injection
- POC chamilo-lms-xss: Chamilo LMS 1.11.14 Cross-Site Scripting
- chamilo model.ajax.php 存在sql注入漏洞 (CVE-2021-34187)
- Chamilo xml 命令执行漏洞
- chamilo的extra_field.ajax.php文件存在sql注入
- Chamilo存在命令执行漏洞(CVE-2023-34960)