Currently published 136 advisories.
(CVE-2023-3368) Chamilo LMS Unauthenticated Command Injection
Summary Product Chamilo Vendor Chamilo Severity High - Adversaries may exploit software vulnerabilities to obtain unauthenticated remote code execution. Affected Versions <= v1.11.20 Tested Versions v1.11.20 (latest version as of writing) CVE Identifier CVE-2023-3368 CVE Description Command injection in /main/webservices/additional_webservices.php in Chamilo LMS <= v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters....