CVE-2018-20329
N/A
N/A
Summary
Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-33-2018-12-13-Moderate-risk-high-impact-SQL-Injection
- https://github.com/chamilo/chamilo-lms/commit/bfa1eccfabb457b800618d9d115f12dc614a55df
References
- https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-33-2018-12-13-Moderate-risk-high-impact-SQL-Injection
- https://github.com/chamilo/chamilo-lms/commit/bfa1eccfabb457b800618d9d115f12dc614a55df
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.