PT-2026-25800 · Chamilo · Chamilo Lms

Popcorn94

Published

2026-03-16

Updated

2026-03-17

CVE-2026-30876

CVSS v4.0

6.3

Medium

Vector

AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Chamilo LMS versions prior to 1.11.36

Description Chamilo LMS is a learning management system susceptible to user enumeration through the use of valid or invalid usernames. This allows an attacker to determine valid usernames within the system.

Recommendations Update to version 1.11.36 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-204

Related Identifiers

CVE-2026-30876

GHSA-CQR8-VVQP-4MP4

Affected Products

Chamilo Lms

PT-2026-25800 · Chamilo · Chamilo Lms

CVE-2026-30876

Weakness Enumeration

Related Identifiers

Affected Products

References · 8