CVE-2023-3368 | Chamilo LMS up to 1.11.20 additional_webservices.php os command injection

Posted by Angelo Barbosa | Nov 28, 2023 | CVE

A vulnerability, which was classified as critical, was found in Chamilo LMS up to 1.11.20. Affected is an unknown function of the file /main/webservices/additional_webservices.php. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2023-3368. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2023-3368 | Chamilo LMS up to 1.11.20 additional_webservices.php os command injection

Related Posts

CVE-2024-2202 | SiteOrigin Page Builder Plugin up to 2.29.6 on WordPress Legacy Image Widget cross site scripting

CVE-2024-0986 | Issabel PBX 4.0.0 Asterisk-Cli index.php Command os command injection

CVE-2024-3816 | Concept Intermedia SAM CMS up to 3.3 sql injection

CVE-2024-29508 | Artifex Ghostscript up to 10.0.2.x BaseFont Name pdf_base_font_alloc heap-based overflow