Author: Angelo Barbosa

A vulnerability, which was classified as critical, was found in Chamilo LMS up to 1.11.20. Affected is an unknown function of the file /main/webservices/additional_webservices.php. The manipulation leads to os command injection. This vulnerability is traded as CVE-2023-3368. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this...

A vulnerability, which was classified as critical, has been found in Chamilo LMS up to 1.11.24. This issue affects some unknown processing of the file main/lp/openoffice_text_document.class.php. The manipulation leads to os command injection. The identification of this vulnerability is CVE-2023-4222. The attack may be initiated remotely. There is no exploit...

A vulnerability classified as critical was found in Chamilo LMS up to 1.11.24. This vulnerability affects unknown code of the file main/lp/openoffice_presentation.class.php. The manipulation leads to os command injection. This vulnerability was named CVE-2023-4221. The attack can be initiated remotely. There is no exploit...

A vulnerability classified as critical has been found in Chamilo LMS up to 1.11.24. This affects an unknown part of the file /main/inc/ajax/document.ajax.php. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2023-4223. It is possible to initiate the attack remotely. There is no exploit...

A vulnerability was found in Chamilo LMS up to 1.11.20. It has been rated as critical. Affected by this issue is some unknown functionality in the library main/inc/lib/fileUpload.lib.php of the component File Upload Handler. The manipulation leads to improper handling of case sensitivity. This vulnerability is handled as CVE-2023-3545. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this...