chamilo lms

122 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2026-40291
<= 1.11.38
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an insecure direct object modification
8.8HIGH
CVE-2026-35196
<= 1.11.38
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an OS Command Injection vulnerability e
8.8HIGH
CVE-2026-34602
<= 1.11.38
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the /api/course_rel_users endpoint is v
7.1HIGH
CVE-2026-34370
<= 1.11.38
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the notebook module contains an Insecur
6.5MEDIUM
CVE-2026-34161
<= 1.11.38
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, a Stored Cross-Site Scripting (XSS) vul
5.4MEDIUM
CVE-2026-34160
<= 1.11.38
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the PENS (Package Exchange Notification
8.6HIGH
CVE-2026-33715
all versions
Chamilo LMS is an open-source learning management system. In version 2.0-RC.2, the file public/main/inc/ajax/install.ajax.php is a
7.2HIGH
CVE-2026-33714
all versions
Chamilo is an open-source learning management system (LMS). Version 2.0.0-RC.2 contains a SQL Injection vulnerability in the stati
7.2HIGH
CVE-2026-33737
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, multiple files use simplexml_load_string() without X
5.3MEDIUM
CVE-2026-33736
all versions
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user (including ROLE_STUDENT) can enumerate al
6.5MEDIUM
CVE-2026-33710
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, REST API keys are generated using md5(time() + (user
7.5HIGH
CVE-2026-33708
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38, the get_user_info_from_username REST API endpoint returns personal
6.5MEDIUM
CVE-2026-33707
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, the default password reset mechanism generates token
9.4CRITICAL
CVE-2026-33706
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user with a REST API key can modify their own sta
7.1HIGH
CVE-2026-33705
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files (.tpl) under /main/template/default/ are direct
5.3MEDIUM
CVE-2026-33704
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user (including students) can write arbitrary con
7.1HIGH
CVE-2026-33703
all versions
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the
6.5MEDIUM
CVE-2026-33702
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an Insecure Direct Object Refer
7.1HIGH
CVE-2026-33698
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code from the mai
9.8CRITICAL
CVE-2026-33618
all versions
Chamilo LMS is a learning management system. Prior to .0.0-RC.3, the PlatformConfigurationController::decodeSettingArray() method
8.8HIGH
CVE-2026-33141
<= 1.11.38
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the
6.5MEDIUM
CVE-2026-32932
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Open Redirect vulnerability in the session course
4.7MEDIUM
CVE-2026-32931
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exe
7.5HIGH
CVE-2026-32930
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerabi
7.1HIGH
CVE-2026-32894
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerabi
7.1HIGH
CVE-2026-32893
all versions
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, a Reflected Cross-Site Scripting (XSS) vulnerability in the exer
5.4MEDIUM
CVE-2026-32892
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an OS Command Injection vulnera
9.1CRITICAL
CVE-2026-31941
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains a Server-Side Request Forgery (
7.7HIGH
CVE-2026-31940
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, in main/lp/aicc_hacp.php, user-controlled request pa
7.5HIGH
CVE-2026-31939
< 1.11.38
Chamilo LMS is a learning management system. Prior to 1.11.38, there is a path traversal in main/exercise/savescores.php leading t
8.3HIGH
CVE-2025-66447
<= 1.11.38
Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of
NONE
CVE-2026-30882
< 1.11.36
Chamilo LMS is a learning management system. Chamilo LMS version 1.11.34 and prior contains a Reflected Cross-Site Scripting (XSS)
6.1MEDIUM
CVE-2026-30881
< 1.11.36
Chamilo LMS is a learning management system. Version 1.11.34 and prior contains a SQL Injection vulnerability in the statistics AJ
8.8HIGH
CVE-2026-30876
< 1.11.36
Chamilo LMS is a learning management system. Prior to version 1.11.36, Chamilo is vulnerable to user enumeration with valid/invali
5.3MEDIUM
CVE-2026-30875
< 1.11.36
Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload vulnerability in the H5P Import fe
8.8HIGH
CVE-2026-28430
< 1.11.34
Chamilo LMS is a learning management system. Prior to version 1.11.34, there is an unauthenticated SQL injection vulnerability whi
9.8CRITICAL
CVE-2026-29041
< 1.11.34
Chamilo is a learning management system. Prior to version 1.11.34, Chamilo LMS is affected by an authenticated remote code executi
8.8HIGH
CVE-2025-59544
< 1.11.34
Chamilo is a learning management system. Prior to version 1.11.34, the functionality for the user to update the category does not
4.3MEDIUM
CVE-2025-59543
< 1.11.34
Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By
9.0CRITICAL
CVE-2025-59542
< 1.11.34
Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By
9.0CRITICAL
CVE-2025-59541
< 1.11.34
Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an att
8.1HIGH
CVE-2025-59540
< 1.11.34
Chamilo is a learning management system. Prior to version 1.11.34, a stored XSS vulnerability exists in Chamilo LMS that allows a
5.4MEDIUM
CVE-2025-55289
< 1.11.34
Chamilo is a learning management system. Prior to version 1.11.34, there is a stored XSS vulnerability in Chamilo LMS (Version 1.1
8.8HIGH
CVE-2025-55208
< 1.11.34
Chamilo is a learning management system. Versions prior to 1.11.34 have a Stored XSS through insecure file uploads in `Social Netw
9.0CRITICAL
CVE-2025-52998
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, in the application, deserialization of data is performed, the d
9.8CRITICAL
CVE-2025-52564
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, the open parameter of help.php fails to properly sanitize user
6.1MEDIUM
CVE-2025-52563
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability d
6.1MEDIUM
CVE-2025-52476
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability d
6.1MEDIUM
CVE-2025-52475
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability i
6.1MEDIUM
CVE-2025-52470
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists in the
4.8MEDIUM
CVE-2025-52469
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, a logic vulnerability in the friend request workflow of Chamilo
7.1HIGH
CVE-2025-52468
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, an input validation vulnerability exists when importing user da
8.8HIGH
CVE-2025-50199
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is a blind SSRF vulnerability in /index.php via the POST
9.1CRITICAL
CVE-2025-50198
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, Chamilo is vulnerable to deserialization of untrusted data in /
4.9MEDIUM
CVE-2025-50197
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/admin/s
7.2HIGH
CVE-2025-50196
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vcham
7.2HIGH
CVE-2025-50195
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vcham
7.2HIGH
CVE-2025-50194
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/cron/la
7.2HIGH
CVE-2025-50193
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vcham
7.2HIGH
CVE-2025-52482
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, ena
8.3HIGH
CVE-2025-50192
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is a time-based SQL Injection found in /main/webservic
9.8CRITICAL
CVE-2025-50191
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL Injection via POST userFile with th
7.2HIGH
CVE-2025-50190
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL Injection via the GET openid.assoc_
9.8CRITICAL
CVE-2025-50189
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming
8.8HIGH
CVE-2025-50188
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming
7.2HIGH
CVE-2025-50187
< 1.11.28
Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request is evaluated without filtering whic
9.8CRITICAL
CVE-2025-50186
< 1.11.30
Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists due to
4.8MEDIUM
CVE-2024-50337
< 1.11.28
Chamilo is a learning management system. Prior to version 1.11.28, the OpenId function allows anyone to send requests to any URL o
5.3MEDIUM
CVE-2024-47886
>= 1.11.12 and < 1.11.26
Chamilo is a learning management system. Chamilo is affected by a post-authentication phar unserialize which leads to a remote co
7.2HIGH
CVE-2026-1106
< 2.0.0
A security flaw has been discovered in Chamilo LMS up to 2.0.0 Beta 1. This issue affects the function deleteLegal of the file src
5.4MEDIUM
CVE-2025-69581
all versions
An issue was discovered in Chamilo LMS 1.11.2. The Social Network /personal_data endpoint exposes full sensitive user information
5.5MEDIUM
CVE-2024-51142
all versions
Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows an attacker to execute arbitrary code via the svkey parameter o
5.4MEDIUM
CVE-2024-30619
all versions
Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker can request the number of mess
7.5HIGH
CVE-2024-30618
all versions
A Stored Cross-Site Scripting (XSS) Vulnerability in Chamilo LMS 1.11.26 allows a remote attacker to execute arbitrary JavaScript
6.1MEDIUM
CVE-2024-30617
all versions
A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php," allows attackers to initiate a r
5.4MEDIUM
CVE-2024-30616
all versions
Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin users can manipulate sensitive prof
8.8HIGH
CVE-2024-27525
all versions
Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate privileges via a crafted script t
4.6MEDIUM
CVE-2024-27524
all versions
Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate privileges via a crafted script t
7.1HIGH
CVE-2023-4226
<= 1.11.24
Unrestricted file upload in /main/inc/ajax/work.ajax.php in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner
8.8HIGH
CVE-2023-4225
<= 1.11.24
Unrestricted file upload in /main/inc/ajax/exercise.ajax.php in Chamilo LMS <= v1.11.24 allows authenticated attackers with lear
8.8HIGH
CVE-2023-4224
<= 1.11.24
Unrestricted file upload in /main/inc/ajax/dropbox.ajax.php in Chamilo LMS <= v1.11.24 allows authenticated attackers with learn
8.8HIGH
CVE-2023-4223
<= 1.11.24
Unrestricted file upload in /main/inc/ajax/document.ajax.php in Chamilo LMS <= v1.11.24 allows authenticated attackers with lear
8.8HIGH
CVE-2023-4222
<= 1.11.24
Command injection in main/lp/openoffice_text_document.class.php in Chamilo LMS <= v1.11.24 allows users permitted to upload Lear
7.2HIGH
CVE-2023-4221
<= 1.11.24
Command injection in main/lp/openoffice_presentation.class.php in Chamilo LMS <= v1.11.24 allows users permitted to upload Learn
7.2HIGH
CVE-2023-4220
<= 1.11.24
Unrestricted file upload in big file upload functionality in /main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS
8.1HIGH
CVE-2023-39582
>= 1.11 and <= 1.11.20
SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive informati
4.9MEDIUM
CVE-2023-34944
>= 1.11.0 and <= 1.11.18
An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11.* up to v1.11.18 allows attackers to e
9.8CRITICAL
CVE-2023-34962
>= 1.11.0 and <= 1.11.18
Incorrect access control in Chamilo v1.11.x up to v1.11.18 allows a student to arbitrarily access and modify another student's per
8.1HIGH
CVE-2023-34961
>= 1.11.0 and <= 1.11.18
Chamilo v1.11.x up to v1.11.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the /feedback/comment fiel
6.1MEDIUM
CVE-2023-34959
>= 1.11.0 and <= 1.11.18
An issue in Chamilo v1.11.* up to v1.11.18 allows attackers to execute a Server-Side Request Forgery (SSRF) and obtain information
5.3MEDIUM
CVE-2023-34958
>= 1.11.0 and <= 1.11.18
Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belon
4.3MEDIUM
CVE-2023-31807
all versions
Cross Site Scripting vulnerability found in Chamilo LMS v.1.11.18 allows a local attacker to execute arbitrary code via a crafted
5.4MEDIUM
CVE-2023-31806
all versions
Cross Site Scripting vulnerability found in Chamilo LMS v.1.11.18 allows a local attacker to execute arbitrary code via a crafted
5.4MEDIUM
CVE-2023-31805
all versions
Cross Site Scripting vulnerability found in Chamilo LMS v.1.11.18 allows a local authenticated attacker to execute arbitrary code
4.8MEDIUM
CVE-2023-31804
all versions
Cross Site Scripting vulnerability found in Chamilo LMS v.1.11.18 allows a local attacker to execute arbitrary code via the course
5.4MEDIUM
CVE-2023-31803
all versions
Cross Site Scripting vulnerability found in Chamilo LMS v.1.11.18 allows a local attacker to execute arbitrary code via the resour
4.8MEDIUM
CVE-2023-31802
all versions
Cross Site Scripting vulnerability found in Chamilo LMS v.1.11.18 allows a local attacker to execute arbitrary code via the skype
5.4MEDIUM
CVE-2023-31801
all versions
Cross Site Scripting vulnerability found in Chamilo LMS v.1.11.18 allows a local attacker to execute arbitrary code via the skills
6.1MEDIUM
CVE-2023-31800
all versions
Cross Site Scripting vulnerability found in Chamilo LMS v.1.11.18 allows a local attacker to execute arbitrary code via the forum
5.4MEDIUM
CVE-2023-31799
all versions
Cross Site Scripting vulnerability found in Chamilo LMS v.1.11.18 allows a local attacker to execute arbitrary code via the system
4.8MEDIUM
CVE-2022-27426
>= 1.11.0 and <= 1.11.16
A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows attackers to enumerate the internal network and execute arbitr
8.8HIGH
CVE-2022-27423
>= 1.11.0 and <= 1.11.16
Chamilo LMS v1.11.13 was discovered to contain a SQL injection vulnerability via the blog_id parameter at /blog/blog.php.
9.8CRITICAL
CVE-2022-27422
>= 1.11.0 and <= 1.11.16
A reflected cross-site scripting (XSS) vulnerability in Chamilo LMS v1.11.13 allows attackers to execute arbitrary web scripts or
6.1MEDIUM
CVE-2022-27421
<= 1.11.14
Chamilo LMS v1.11.13 lacks validation on the user modification form, allowing attackers to escalate privileges to Platform Admin.
7.2HIGH
CVE-2021-35415
>= 1.11.0 and <= 1.11.16
A stored cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload
4.8MEDIUM
CVE-2021-35414
>= 1.11.0 and <= 1.11.16
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main/plagiarism/compilatio/upload.php.
9.8CRITICAL
CVE-2021-35413
>= 1.11.0 and <= 1.11.16
A remote code execution (RCE) vulnerability in course_intro_pdf_import.php of Chamilo LMS v1.11.x allows authenticated attackers t
8.8HIGH
CVE-2020-23126
all versions
Chamilo LMS version 1.11.10 contains an XSS vulnerability in the personal profile edition form, affecting the user him/herself and
6.1MEDIUM
CVE-2021-37391
>= 1.11.0 and < 1.11.14
A user without privileges in Chamilo LMS 1.11.14 can send an invitation message to another user, e.g., the administrator, through
5.4MEDIUM
CVE-2021-37390
< 1.11.14
A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in main/social/search.php=q URI (social network search feature).
6.1MEDIUM
CVE-2020-23128
all versions
Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a
4.9MEDIUM
CVE-2020-23127
all versions
Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user.
8.8HIGH
CVE-2012-4030
< 1.8.8.6
Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers
7.5HIGH
CVE-2015-9540
<= 1.9.10.2
Chamilo LMS through 1.9.10.2 allows a link_goto.php?link_url= open redirect, a related issue to CVE-2015-5503.
6.1MEDIUM
CVE-2019-13082
all versions
Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. It extracts
9.8CRITICAL
CVE-2019-1000017
<= 1.11.8
Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect Access Control vulnerability in Tickets component that can re
6.5MEDIUM
CVE-2019-1000015
<= 1.11.8
Chamilo Chamilo-lms version 1.11.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in main/messages/new_message.ph
6.1MEDIUM
CVE-2018-20329
all versions
Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access t
8.1HIGH
CVE-2018-20328
all versions
Chamilo LMS version 1.11.8 contains XSS in main/social/group_view.php in the social groups tool, allowing authenticated users to a
5.4MEDIUM
CVE-2018-20327
all versions
Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebook_list.tpl in the gradebook dependencies tool, allo
5.4MEDIUM
CVE-2018-1999019
all versions
Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /we
9.8CRITICAL
CVE-2013-6787
<= 1.9.6
SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and earlier, when us