Chamilo LMS 漏洞列表

共找到 2 个与 Chamilo LMS 相关的漏洞

📅 加载漏洞趋势中...

CVE-2023-3368: Chamilo LMS <= v1.11.20 Unauthenticated Command Injection POC

日期: 2025-08-01 | 影响软件: Chamilo LMS

Command injection in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters.
CVE-2023-4220: Chamilo LMS <= 1.11.24 - Remote Code Execution POC

日期: 2025-08-01 | 影响软件: Chamilo LMS

Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.