CVE-2023-3533 | Chamilo LMS up to 1.11.20 File Upload additional_webservices.php path traversal

Posted by Angelo Barbosa | Nov 28, 2023 | CVE

A vulnerability was found in Chamilo LMS up to 1.11.20 and classified as critical. Affected by this issue is some unknown functionality of the file /main/webservices/additional_webservices.php of the component File Upload. The manipulation leads to path traversal.

This vulnerability is handled as CVE-2023-3533. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2023-3533 | Chamilo LMS up to 1.11.20 File Upload additional_webservices.php path traversal

Related Posts

CVE-2024-2011 | Hitachi Energy FOXMAN-UN/UNEM heap-based overflow

CVE-2024-45862 | Kastle Systems Access Control System cleartext storage (icsa-24-263-05)

CVE-2024-43381 | yogeshojha rengine up to 2.1.2 Dashboard View cross site scripting (GHSA-96q4-fj2m-jqf7)

CVE-2024-38407 | Qualcomm Snapdragon Compute up to WSA8845H JPEG Encoder Driver toctou