PT-2025-37310 · Chamilo · Chamilo
Publicado
2025-04-01
·
Atualizado
2026-03-07
·
CVE-2025-50195
CVSS v2.0
8.7
Alta
| Vetor | AV:N/AC:L/Au:S/C:P/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Chamilo versions prior to 1.11.30
Description
The Chamilo learning management system has an OS Command Injection issue. This occurs due to a failure to neutralize special elements used in the operating system command. Successful exploitation allows a remote attacker to execute arbitrary SQL queries. The vulnerable file is
/plugin/vchamilo/views/manage.controller.php.Recommendations
Update to version 1.11.30 or later.
Exploit
Correção
Command Injection
OS Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Chamilo