CVE-2026-32931

Name of the Vulnerable Software and Affected Versions Chamilo LMS versions prior to 1.11.38 and prior to 2.0.0-RC.3

Description Chamilo LMS, a learning management system, contains a file upload issue in the exercise sound upload function. An authenticated teacher can upload a PHP webshell by manipulating the Content-Type header to audio/mpeg. The uploaded file keeps its original .php extension and is stored in a web-accessible directory, leading to Remote Code Execution as the web server user (www-data).

Recommendations Update to version 1.11.38 or later. Update to version 2.0.0-RC.3 or later.