CVE-2026-30881 | Chamilo LMS up to 1.11.35 AJAX Endpoint Database::escape_string sql injection

Inserito da Angelo Barbosa | Mar 16, 2026 | CVE

A vulnerability was found in Chamilo LMS up to 1.11.35. It has been rated as critical. Impacted is the function Database::escape_string of the component AJAX Endpoint. The manipulation leads to sql injection.

This vulnerability is listed as CVE-2026-30881. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is advised.

CVE-2026-30881 | Chamilo LMS up to 1.11.35 AJAX Endpoint Database::escape_string sql injection

Post correlati

CVE-2023-52606 | Linux Kernel up to 6.7.3 powerpc analyse_instr stack-based overflow

CVE-2026-23125 | Linux Kernel up to 6.18.7 sctp_auth_asoc_init_active_key initialization

CVE-2026-27748 | Gen Digital Avira Internet Security up to 1.1.109.1990 Software Updater link following

CVE-2024-43780 | Mattermost up to 9.5.7/9.8.2/9.9.1/9.10.0/9.11.0 Channel access control