CVE-2023-4226 | Chamilo LMS up to 1.11.24 work.ajax.php unrestricted upload

Posted by Angelo Barbosa | Nov 28, 2023 | CVE

A vulnerability was found in Chamilo LMS up to 1.11.24. It has been rated as critical. Affected by this issue is some unknown functionality of the file /main/inc/ajax/work.ajax.php. The manipulation leads to unrestricted upload.

This vulnerability is handled as CVE-2023-4226. The attack may be launched remotely. There is no exploit available.

CVE-2023-4226 | Chamilo LMS up to 1.11.24 work.ajax.php unrestricted upload

Related Posts

CVE-2023-32063 | oroinc crm up to 4.2.5/5.0.3/5.1.0 ACL access control (GHSA-897w-jv7j-6r7g)

CVE-2024-4651 | Campcodes Complete Web-Based School Management System 1.0 student_attendance_history1.php year cross site scripting

CVE-2024-2651 | GitLab Community Edition/Enterprise Edition up to 16.9.6/16.10.4/16.11.1 Markdown resource consumption (Issue 450830)

CVE-2024-35218 | Umbraco CMS prior 8.18.13/10.8.4/12.3.7/13.1.1 cross site scripting