Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Associated Vulnerability
Clear Filters
Found 394 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-33707 Weak Password Recovery Mechanism for Forgotten Password in chamilo/chamilo-lms chamilochamilo-lms Critical 9.4 2026-04-10 18:52:54 Deep Dive
CVE-2026-33706 Chamilo LMS has a REST API Self-Privilege Escalation (Student → Teacher) chamilochamilo-lms High 7.1 2026-04-10 18:51:24 Deep Dive
CVE-2026-33705 Chamilo LMS has unauthenticated access to Twig template source files exposes application logic chamilochamilo-lms Medium 5.3 2026-04-10 18:32:45 Deep Dive
CVE-2026-33704 Chamilo LMS Affected by Authenticated Arbitrary File Write via BigUpload endpoint chamilochamilo-lms High 7.1 2026-04-10 18:30:48 Deep Dive
CVE-2026-33703 Chamilo LMS Critical IDOR: Any Authenticated User Can Extract All Users’ Personal Data and API Tokens chamilochamilo-lms 中危 -2026-04-10 18:23:01 Deep Dive
CVE-2026-33702 Chamilo LMS has an Insecure Direct Object Reference (IDOR) chamilochamilo-lms High 7.1 2026-04-10 18:15:50 Deep Dive
CVE-2026-33698 Chamilo LMS affected by unauthenticated RCE in main/install folder chamilochamilo-lms 中危 -2026-04-10 18:14:17 Deep Dive
CVE-2026-33618 Chamilo LMS Affected by Remote Code Execution via eval() in Platform Settings chamilochamilo-lms High 8.8 2026-04-10 18:10:17 Deep Dive
CVE-2026-33141 Chamilo LMS has an IDOR in REST API Stats Endpoint Exposes Any User's Learning Data chamilochamilo-lms Medium 6.5 2026-04-10 18:01:26 Deep Dive
CVE-2026-32892 OS Command Injection in Chamilo LMS 1.11.36 chamilochamilo-lms Critical 9.1 2026-04-10 17:56:58 Deep Dive
CVE-2026-32932 Chamilo LMS has an Open Redirect via Unvalidated 'page' Parameter in Session Course Edit chamilochamilo-lms Medium 4.7 2026-04-10 17:51:58 Deep Dive
CVE-2026-32931 Chamilo LMS has Arbitrary File Upload via MIME-Only Validation in Exercise Sound Upload Leads to RCE chamilochamilo-lms High 7.5 2026-04-10 17:50:40 Deep Dive
CVE-2026-32930 Chamilo LMS has an IDOR in Gradebook Allows Cross-Course Evaluation Edit Without Ownership Check chamilochamilo-lms High 7.1 2026-04-10 17:48:52 Deep Dive
CVE-2026-32894 Chamilo LMS has an IDOR in Gradebook Allows Cross-Course Deletion of Any Student's Grade Result chamilochamilo-lms High 7.1 2026-04-10 17:44:25 Deep Dive
CVE-2026-32893 Chamilo LMS has Reflected XSS via Unsanitized http_build_query() in Exercise Question List Pagination chamilochamilo-lms Medium 5.4 2026-04-10 17:42:24 Deep Dive
CVE-2026-31941 Server-Side Request Forgery (SSRF) in Chamilo LMS chamilochamilo-lms High 7.7 2026-04-10 17:37:51 Deep Dive
CVE-2026-31940 Session Fixation in Chamilo LMS chamilochamilo-lms High 7.5 2026-04-10 17:35:11 Deep Dive
CVE-2026-31939 Path Traversal (Arbitrary File Delete) in Chamilo LMS chamilochamilo-lms High 8.3 2026-04-10 17:32:29 Deep Dive
CVE-2025-66447 Chamilo LMS has validation-less redirect on login page chamilochamilo-lms None 0.0 2026-04-10 17:22:32 Deep Dive
CVE-2026-3360 Tutor LMS <= 3.9.7 - Missing Authorization to Unauthenticated Arbitrary Billing Profile Overwrite via 'order_id' Parameter themeumTutor LMS – eLearning and online course solution High 7.5 2026-04-10 01:24:58 Deep Dive