CVE-2026-28430
published 2026-03-16CVE-2026-28430: Chamilo LMS is a learning management system. Prior to version 1.11.34, there is an unauthenticated SQL injection vulnerability which allows remote attackers to…
PriorityP269critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.33%
24.7th percentile
Chamilo LMS is a learning management system. Prior to version 1.11.34, there is an unauthenticated SQL injection vulnerability which allows remote attackers to execute arbitrary SQL commands via the custom_dates parameter. By chaining this with a predictable legacy password reset mechanism, an attacker can achieve full administrative account takeover without any prior credentials. The vulnerability also exposes the entire database, including PII and system configurations. This issue has been patched in version 1.11.34.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chamilo | chamilo-lms | < 1.11.34 | 1.11.34 |
| chamilo | chamilo_lms | < 1.11.34 | 1.11.34 |
Detection & IOCsextracted from sources · hover to see the quote
- →SQL injection entry point is the `custom_dates` parameter, exploitable without authentication ↗
- →Attack chain: SQLi via custom_dates parameter combined with predictable legacy password reset to achieve full admin account takeover with no prior credentials ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.09.3CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No advisories linked to this vulnerability.
No detection rules found.
No public exploits indexed.
Wiz
CVE-2025-55289 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2025-55289 [HIGH] CVE-2025-55289 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-55289 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.34, there is a stored XSS vulnerability in Chamilo LMS (Verison 1.11.32) allows an attacker to inject arbitrary JavaScript into the platform’s social network and internal messaging features. When viewed by an authenticated user (including administrators), the payload executes in their browser within the LMS context. This enables full account takeover via session hijacking, unauthorized actions with the victim’s privileges, exfiltration of sensitive data, and potential self-propagation to other users. This issue has been patched in version 1.11.34.
Source : NVD
## 9
Score
Published March 6, 2026
Severity CRITICAL
CNA Score 8.8
Affected Technologies
Cha
Wiz
CVE-2025-52482 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.3
CVE-2025-52482 [HIGH] CVE-2025-52482 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-52482 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has been patched in version 1.11.30.
Source : NVD
## 8.3
Score
Published March 2, 2026
Severity HIGH
CNA Score 8.3
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 17.9
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity HIGH Has Fix Added at: Mar 04, 2026
Windows Severity HIGH H
Wiz
CVE-2025-50186 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.8
CVE-2025-50186 [MEDIUM] CVE-2025-50186 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50186 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists due to insufficient sanitization of CSV filenames. An attacker can upload a maliciously named CSV file (e.g., .csv) that leads to JavaScript execution when viewed by administrators or users with access to import logs or file views. This issue has been patched in version 1.11.30.
Source : NVD
## 4.8
Score
Published March 2, 2026
Severity MEDIUM
CNA Score 4.8
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 12.9
Exploitation Probability (EPSS) N/A
Affected packages and
Wiz
CVE-2025-50196 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.1
CVE-2025-50196 [HIGH] CVE-2025-50196 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50196 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/editinstance.php via the POST main_database parameter. This issue has been patched in version 1.11.30.
Source : NVD
## 7.1
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.1
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 65.9
Exploitation Probability (EPSS) 0.5
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity HIGH Has Fix Added at: Mar 04, 2026
Windows Severity HIGH Has Fix Added at: Mar 04, 2026
Linux
Wiz
CVE-2025-59540 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.4
CVE-2025-59540 [MEDIUM] CVE-2025-59540 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-59540 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.34, a stored XSS vulnerability exists in Chamilo LMS that allows a staff account to execute arbitrary JavaScript in the browser of higher-privileged admin users. The issue arises because feedback input in the exercise history page is not properly encoded before rendering, allowing malicious scripts to persist in the database and execute on view. This issue has been patched in version 1.11.34.
Source : NVD
## 6.4
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 6.4
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 10.2
Explo
Wiz
CVE-2025-50197 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.1
CVE-2025-50197 [HIGH] CVE-2025-50197 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50197 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/admin/sub_language_ajax.inc.php via the POST new_language parameter. This issue has been patched in version 1.11.30.
Source : NVD
## 7.1
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.1
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 70.1
Exploitation Probability (EPSS) 0.6
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity HIGH Has Fix Added at: Mar 04, 2026
Windows Severity HIGH Has Fix Added at: Mar 04, 2026
Linux Sev
Wiz
CVE-2025-52468 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2025-52468 [HIGH] CVE-2025-52468 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-52468 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, an input validation vulnerability exists when importing user data from CSV files. This flaw occurs due to insufficient sanitization of user data, specifically in the "Last Name", "First Name", and "Username" fields. It allows attackers to inject a stored cross-site scripting (XSS) payload that is triggered when the user profile is viewed, potentially leading to malicious script execution in the context of the authenticated use. This issue has been patched in version 1.11.30.
Source : NVD
## 6.1
Score
Published March 2, 2026
Severity MEDIUM
CNA Score 8.8
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Releas
Wiz
CVE-2025-50192 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2025-50192 [HIGH] CVE-2025-50192 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50192 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is a time-based SQL Injection in found in /main/webservices/registration.soap.php. This issue has been patched in version 1.11.30.
Source : NVD
## 8.8
Score
Published March 2, 2026
Severity HIGH
CNA Score 8.8
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.7
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity CRITICAL Has Fix Added at: Mar 04, 2026
Windows Severity CRITICAL Has Fix Added at: Mar 04, 2026
Linux Severity CRITICAL Has Fix Added
Wiz
CVE-2026-28430 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.3
CVE-2026-28430 [CRITICAL] CVE-2026-28430 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-28430 :
Chamilo vulnerability analysis and mitigation
Chamilo LMS is a learning management system. Prior to version 1.11.34, there is an unauthenticated SQL injection vulnerability which allows remote attackers to execute arbitrary SQL commands via the custom_dates parameter. By chaining this with a predictable legacy password reset mechanism, an attacker can achieve full administrative account takeover without any prior credentials. The vulnerability also exposes the entire database, including PII and system configurations. This issue has been patched in version 1.11.34.
Source : NVD
## 9.3
Score
Published March 16, 2026
Severity CRITICAL
CNA Score 9.3
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV
Wiz
CVE-2026-30876 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.3
CVE-2026-30876 [CRITICAL] CVE-2026-30876 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-30876 :
Chamilo vulnerability analysis and mitigation
Chamilo LMS is a learning management system. Prior to version 1.11.36, Chamilo is vulnerable to user enumeration with valid/invalid username. This issue has been patched in version 1.11.36.
Source : NVD
## 6.3
Score
Published March 16, 2026
Severity MEDIUM
CNA Score 6.3
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.4
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity MEDIUM Has Fix Added at: Mar 18, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 18, 2026
Linux Severity MEDIUM Has Fix Added at: Mar 19, 2026
Wiz
CVE-2026-29041 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.3
CVE-2026-29041 [CRITICAL] CVE-2026-29041 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-29041 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.34, Chamilo LMS is affected by an authenticated remote code execution vulnerability caused by improper validation of uploaded files. The application relies solely on MIME-type verification when handling file uploads and does not adequately validate file extensions or enforce safe server-side storage restrictions. As a result, an authenticated low-privileged user can upload a crafted file containing executable code and subsequently execute arbitrary commands on the server. This issue has been patched in version 1.11.34.
Source : NVD
## 8.8
Score
Published March 6, 2026
Severity HIGH
CNA Score 8.8
Affected Technologies
Chamilo
Has Public Exploit No
Ha
Wiz
CVE-2025-52998 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.0
CVE-2025-52998 [HIGH] CVE-2025-52998 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-52998 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, in the application, deserialization of data is performed, the data can be spoofed. An attacker can create objects of arbitrary classes, as well as fully control their properties, and thus modify the logic of the web application's operation. This issue has been patched in version 1.11.30.
Source : NVD
## 7
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.0
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 44.7
Exploitation Probability (EPSS) 0.2
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Li
Wiz
CVE-2025-59542 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.0
CVE-2025-59542 [CRITICAL] CVE-2025-59542 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-59542 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course learning path Settings field, an attacker with a low-privileged account (e.g., trainer) can execute arbitrary JavaScript code in the context of any other user viewing the course information page, including administrators. This allows an attacker to exfiltrate sensitive session cookies or tokens, resulting in account takeover (ATO) of higher-privileged users. This issue has been patched in version 1.11.34.
Source : NVD
## 9
Score
Published March 6, 2026
Severity CRITICAL
CNA Score 9.0
Affected Technologies
Chamilo
Has Public Exploit No
Ha
Wiz
CVE-2025-50190 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2025-50190 [HIGH] CVE-2025-50190 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50190 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL Injection via the GET openid.assoc_handle parameter with the /index.php script. This issue has been patched in version 1.11.30.
Source : NVD
## 8.8
Score
Published March 2, 2026
Severity HIGH
CNA Score 8.8
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.7
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity CRITICAL Has Fix Added at: Mar 04, 2026
Windows Severity CRITICAL Has Fix Added at: Mar 04, 2026
Linux Severity CRI
Wiz
CVE-2026-30875 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.3
CVE-2026-30875 [CRITICAL] CVE-2026-30875 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-30875 :
Chamilo vulnerability analysis and mitigation
Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload vulnerability in the H5P Import feature allows authenticated users with Teacher role to achieve Remote Code Execution (RCE). The H5P package validation only checks if h5p.json exists but doesn't block .htaccess or PHP files with alternative extensions. An attacker uploads a crafted H5P package containing a webshell and .htaccess that enables PHP execution for .txt files, bypassing security control. This issue has been patched in version 1.11.36.
Source : NVD
## 8.8
Score
Published March 16, 2026
Severity HIGH
CNA Score 8.8
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release D
Wiz
CVE-2025-69581 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.5
CVE-2025-69581 [MEDIUM] CVE-2025-69581 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-69581 :
Chamilo vulnerability analysis and mitigation
An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint exposes full sensitive user information even after logout because proper cache-control is missing. Using the browser back button restores all personal data, allowing unauthorized users on the same device to view confidential information. This leads to profiling, impersonation, targeted attacks, and significant privacy risks.
Source : NVD
## 5.5
Score
Published January 16, 2026
Severity MEDIUM
CNA Score 5.5
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 0.6
Exploitation Probability (EPSS) N/A
Affect
Wiz
CVE-2025-50189 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.2
CVE-2025-50189 [HIGH] CVE-2025-50189 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50189 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the POST resource[document][SQL_INJECTION_HERE] and POST login parameters found in /main/coursecopy/copy_course_session_selected.php, which allows an attacker to perform an attack aimed at modifying the database query logic by injecting an arbitrary SQL statements. This issue has been patched in version 1.11.30.
Source : NVD
## 7.2
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.2
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 21.8
E
Wiz
CVE-2025-50199 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.7
CVE-2025-50199 [HIGH] CVE-2025-50199 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50199 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is a blind SSRF vulnerability in /index.php via the POST openid_url parameter. This issue has been patched in version 1.11.30.
Source : NVD
## 7.7
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.7
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 20.4
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity CRITICAL Has Fix Added at: Mar 04, 2026
Windows Severity CRITICAL Has Fix Added at: Mar 04, 2026
Linux Severity CRITICAL Has Fix Added at:
Wiz
CVE-2026-30882 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.3
CVE-2026-30882 [CRITICAL] CVE-2026-30882 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-30882 :
Chamilo vulnerability analysis and mitigation
Chamilo LMS is a learning management system. Chamilo LMS version 1.11.34 and prior contains a Reflected Cross-Site Scripting (XSS) vulnerability in the session category listing page. The keyword parameter from $_REQUEST is echoed directly into an HTML href attribute without any encoding or sanitization. An attacker can inject arbitrary HTML/JavaScript by breaking out of the attribute context using ">followed by a malicious payload. The vulnerability is triggered when the pagination controls are rendered — which occurs when the number of session categories exceeds 20 (the page limit). This issue has been patched in version 1.11.36.
Source : NVD
## 6.1
Score
Published March 16, 2026
Severity MEDIUM
CNA Score 6.1
Aff
Wiz
CVE-2025-52564 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.9
CVE-2025-52564 [MEDIUM] CVE-2025-52564 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-52564 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, the open parameter of help.php fails to properly sanitize user input. This allows an attacker to inject arbitrary HTML, such as underlined text, via a crafted URL. This issue has been patched in version 1.11.30.
Source : NVD
## 6.9
Score
Published March 2, 2026
Severity MEDIUM
CNA Score 6.9
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.1
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity MEDIUM Has Fix Added at: Mar 04, 2026
Windows Severity MEDI
Wiz
CVE-2025-50194 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.1
CVE-2025-50194 [HIGH] CVE-2025-50194 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50194 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/cron/lang/check_parse_lang.php. This issue has been patched in version 1.11.30.
Source : NVD
## 7.1
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.1
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 70.1
Exploitation Probability (EPSS) 0.6
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity HIGH Has Fix Added at: Mar 04, 2026
Windows Severity HIGH Has Fix Added at: Mar 04, 2026
Linux Severity HIGH Has Fix Added at: Mar 04,
Wiz
CVE-2025-50187 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.8
CVE-2025-50187 [CRITICAL] CVE-2025-50187 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50187 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request is evaluated without filtering which leads to Remote Code Execution. This issue has been patched in version 1.11.28.
Source : NVD
## 9.8
Score
Published March 2, 2026
Severity CRITICAL
CNA Score 9.8
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 63.3
Exploitation Probability (EPSS) 0.4
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity CRITICAL Has Fix Added at: Mar 04, 2026
Windows Severity CRITICAL Has Fix Added at: Mar 04, 2026
Linux Severity CRITICAL H
Wiz
CVE-2024-47886 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.7
CVE-2024-47886 [HIGH] CVE-2024-47886 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2024-47886 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution (RCE) within versions 1.11.12 to 1.11.26. By abusing multiple supported features from the virtualization plugin vchamilo, the vulnerability allows an administrator to execute arbitrary code on the server. This issue has been patched in version 1.11.26.
Source : NVD
## 8.7
Score
Published March 2, 2026
Severity HIGH
CNA Score 8.7
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 76.4
Exploitation Probability (EPSS) 1
Affected packages and libraries
c
Wiz
CVE-2025-59543 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.0
CVE-2025-59543 [CRITICAL] CVE-2025-59543 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-59543 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course description field, an attacker with a low-privileged account (e.g., trainer) can execute arbitrary JavaScript code in the context of any other user viewing the course information page, including administrators. This allows an attacker to exfiltrate sensitive session cookies or tokens, resulting in account takeover (ATO) of higher-privileged users. This issue has been patched in version 1.11.34.
Source : NVD
## 9
Score
Published March 6, 2026
Severity CRITICAL
CNA Score 9.0
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV
Wiz
CVE-2025-50188 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.0
CVE-2025-50188 [HIGH] CVE-2025-50188 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50188 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the GET value parameter with the following scripts: /plugin/vchamilo/views/syncparams.php and /plugin/vchamilo/ajax/service.php, which allows an attacker to perform an attack aimed at modifying the database query logic by injecting an arbitrary SQL statements. This issue has been patched in version 1.11.30.
Source : NVD
## 7
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.0
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 22.5
Exploita
Wiz
CVE-2024-50337 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.3
CVE-2024-50337 [MEDIUM] CVE-2024-50337 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2024-50337 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.28, the OpenId function allows anyone to send requests to any URL on server's behalf, which results in unauthenticated blind SSRF. This issue has been patched in version 1.11.28.
Source : NVD
## 5.3
Score
Published March 2, 2026
Severity MEDIUM
CNA Score 5.3
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 21.2
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity MEDIUM Has Fix Added at: Mar 04, 2026
Windows Severity MEDIUM Has Fix Added at: Mar 04, 2026
L
Wiz
CVE-2025-52469 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.1
CVE-2025-52469 [HIGH] CVE-2025-52469 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-52469 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, a logic vulnerability in the friend request workflow of Chamilo’s social network module allows an authenticated user to forcibly add any user as a friend by directly calling the AJAX endpoint. The attacker can bypass the normal flow of sending and accepting friend requests, and even add non-existent users. This breaks access control and social interaction logic, with potential privacy implications. This issue has been patched in version 1.11.30.
Source : NVD
## 7.1
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.1
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/
Wiz
CVE-2025-59544 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.9
CVE-2025-59544 [MEDIUM] CVE-2025-59544 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-59544 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.34, the functionality for the user to update the category does not implement authorization checks for the "category_id" parameter which allows users to update the category of any user by replacing the "category_id" parameter. This issue has been patched in version 1.11.34.
Source : NVD
## 6.9
Score
Published March 6, 2026
Severity MEDIUM
CNA Score 6.9
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 11.2
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity ME
Wiz
CVE-2025-50191 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.0
CVE-2025-50191 [HIGH] CVE-2025-50191 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50191 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL Injection via POST userFile with the /main/exercise/hotpotatoes.php script. This issue has been patched in version 1.11.30.
Source : NVD
## 7
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.0
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 13.4
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity HIGH Has Fix Added at: Mar 04, 2026
Windows Severity HIGH Has Fix Added at: Mar 04, 2026
Linux Severity HIGH Has Fix Adde
Wiz
CVE-2025-52470 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 4.8
CVE-2025-52470 [MEDIUM] CVE-2025-52470 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-52470 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists in the session_category_add.php script. The vulnerability is caused by improper sanitization of the Category Name field, allowing privileged users to inject persistent JavaScript payloads. The injected script is later executed when accessing add_many_sessions_to_category.php, potentially compromising administrative sessions. This issue has been patched in version 1.11.30.
Source : NVD
## 4.8
Score
Published March 2, 2026
Severity MEDIUM
CNA Score 4.8
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation
Wiz
CVE-2025-55208 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.0
CVE-2025-55208 [CRITICAL] CVE-2025-55208 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-55208 :
Chamilo vulnerability analysis and mitigation
Social Networks
Source : NVD
## 9
Score
Published March 5, 2026
Severity CRITICAL
CNA Score 9.0
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 17.7
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity CRITICAL Has Fix Added at: Mar 08, 2026
Windows Severity CRITICAL Has Fix Added at: Mar 08, 2026
Linux Severity CRITICAL Has Fix Added at: Mar 10, 2026
Windows Severity CRITICAL Has Fix Added at: Mar 10, 2026
## Get a CVE risk assessment
Get a prioritized view of CVEs in your cloud—so you can focus on what's exploi
Wiz
CVE-2025-50193 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.1
CVE-2025-50193 [HIGH] CVE-2025-50193 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50193 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS command Injection vulnerability in /plugin/vchamilo/views/import.php with the POST to_main_database parameter. This issue has been patched in version 1.11.30.
Source : NVD
## 7.1
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.1
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 70.1
Exploitation Probability (EPSS) 0.6
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity HIGH Has Fix Added at: Mar 04, 2026
Windows Severity HIGH Has Fix Added at: Mar 04, 2026
Linux Se
Wiz
CVE-2026-30881 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.3
CVE-2026-30881 [CRITICAL] CVE-2026-30881 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-30881 :
Chamilo vulnerability analysis and mitigation
Chamilo LMS is a learning management system. Version 1.11.34 and prior contains a SQL Injection vulnerability in the statistics AJAX endpoint. The parameters date_start and date_end from $_REQUEST are embedded directly into a raw SQL string without proper sanitization. Although Database::escape_string() is called downstream, its output is immediately neutralized by str_replace("'", "'", ...), which restores any injected single quotes — effectively bypassing the escaping mechanism entirely. This allows an authenticated attacker to inject arbitrary SQL statements into the database query, enabling blind time-based and conditional data extraction. This issue has been patched in version 1.11.36.
Source : NVD
## 8.8
Score
Wiz
CVE-2025-50195 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.1
CVE-2025-50195 [HIGH] CVE-2025-50195 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50195 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/manage.controller.php. This issue has been patched in version 1.11.30.
Source : NVD
## 7.1
Score
Published March 2, 2026
Severity HIGH
CNA Score 7.1
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 70.1
Exploitation Probability (EPSS) 0.6
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity HIGH Has Fix Added at: Mar 04, 2026
Windows Severity HIGH Has Fix Added at: Mar 04, 2026
Linux Severity HIGH Has Fix Added at:
Wiz
CVE-2025-52563 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.1
CVE-2025-52563 [MEDIUM] CVE-2025-52563 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-52563 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability due to insufficient sanitization of the page parameter in the session/add_users_to_session.php endpoint. This issue has been patched in version 1.11.30.
Source : NVD
## 5.1
Score
Published March 2, 2026
Severity MEDIUM
CNA Score 5.1
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 10.4
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity MEDIUM Has Fix Added at: Mar 04, 2026
Windows Severity M
Wiz
CVE-2025-50198 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.8
CVE-2025-50198 [HIGH] CVE-2025-50198 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-50198 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, Chamilo is vulnerable to deserialization of untrusted data in /plugin/vchamilo/views/import.php via POST configuration_file; POST course_path; POST home_path parameters. This issue has been patched in version 1.11.30.
Source : NVD
## 8.8
Score
Published March 2, 2026
Severity HIGH
CNA Score 8.8
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 23.9
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity MEDIUM Has Fix Added at: Mar 04, 2026
Windows Severity
Wiz
CVE-2025-52475 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.1
CVE-2025-52475 [MEDIUM] CVE-2025-52475 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-52475 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability in the admin/user_list.php endpoint. The keyword_inactive parameter is not properly sanitized, allowing attackers to inject malicious JavaScript through a crafted URL. This issue has been patched in version 1.11.30.
Source : NVD
## 5.1
Score
Published March 2, 2026
Severity MEDIUM
CNA Score 5.1
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 10.3
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Sev
Wiz
CVE-2025-59541 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.1
CVE-2025-59541 [HIGH] CVE-2025-59541 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-59541 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim’s consent. The issue arises because sensitive actions such as project deletion do not implement anti-CSRF protections (tokens) and GET based requests. As a result, an authenticated user (Trainer) can be tricked into executing this unwanted action by simply visiting a malicious page. This issue has been patched in version 1.11.34.
Source : NVD
## 8.1
Score
Published March 6, 2026
Severity HIGH
CNA Score 8.1
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Dat
Wiz
CVE-2025-52476 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.1
CVE-2025-52476 [MEDIUM] CVE-2025-52476 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-52476 :
Chamilo vulnerability analysis and mitigation
Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability due to improper sanitization of the keyword_active parameter in admin/user_list.php. This issue has been patched in version 1.11.30.
Source : NVD
## 5.1
Score
Published March 2, 2026
Severity MEDIUM
CNA Score 5.1
Affected Technologies
Chamilo
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 10.3
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:chamilo:chamilo_lms
Sources
Linux Severity MEDIUM Has Fix Added at: Mar 04, 2026
Windows Severity MEDIUM Has Fix Added
Wiz
CVE-2026-1106 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.3
CVE-2026-1106 [MEDIUM] CVE-2026-1106 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-1106 :
Chamilo vulnerability analysis and mitigation
A security flaw has been discovered in Chamilo LMS up to 2.0.0 Beta 1. This issue affects the function deleteLegal of the file src/CoreBundle/Controller/SocialController.php of the component Legal Consent Handler. Performing a manipulation of the argument userId results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Source : NVD
## 5.3
Score
Published January 18, 2026
Severity MEDIUM
CNA Score 5.3
Affected Technologies
Chamilo
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exp
2026-03-16
Published