296,225
Total vulnerabilities in the database
Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request to the api endpoint. This vulnerability appears to have been fixed in After commit 0de84700648f098c1fbf6b807dee28ec640efe62.
| Software | From | Fixed in |
|---|---|---|
| chamilo / chamilo_lms | 1.11.8 | 1.11.8.x |
| chamilo / chamilo_lms | 1.11.0 | 1.11.0.x |
| chamilo / chamilo_lms | 1.11.0-alpha2 | 1.11.0-alpha2.x |
| chamilo / chamilo_lms | 1.11.0-beta1 | 1.11.0-beta1.x |
| chamilo / chamilo_lms | 1.11.0-beta2 | 1.11.0-beta2.x |
| chamilo / chamilo_lms | 1.11.0-beta3 | 1.11.0-beta3.x |
| chamilo / chamilo_lms | 1.11.0-beta4 | 1.11.0-beta4.x |
| chamilo / chamilo_lms | 1.11.0-beta5 | 1.11.0-beta5.x |
| chamilo / chamilo_lms | 1.11.0-beta6 | 1.11.0-beta6.x |
| chamilo / chamilo_lms | 1.11.0-beta7 | 1.11.0-beta7.x |
| chamilo / chamilo_lms | 1.11.0-rc1 | 1.11.0-rc1.x |
| chamilo / chamilo_lms | 1.11.2 | 1.11.2.x |
| chamilo / chamilo_lms | 1.11.4 | 1.11.4.x |
| chamilo / chamilo_lms | 1.11.4-alpha1 | 1.11.4-alpha1.x |
| chamilo / chamilo_lms | 1.11.4-alpha2 | 1.11.4-alpha2.x |
| chamilo / chamilo_lms | 1.11.4-beta1 | 1.11.4-beta1.x |
| chamilo / chamilo_lms | 1.11.4-rc1 | 1.11.4-rc1.x |
| chamilo / chamilo_lms | 1.11.6 | 1.11.6.x |
| chamilo / chamilo_lms | 1.11.6-alpha1 | 1.11.6-alpha1.x |
| chamilo / chamilo_lms | 1.11.8-rc1 | 1.11.8-rc1.x |