Unrated severityOSV Advisory· Published Dec 21, 2018· Updated Aug 5, 2024
CVE-2018-20329
CVE-2018-20329
Description
Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2CHAMILO_1_8_7_ALPHA_1, CHAMILO_1_8_7_ALPHA_2, CHAMILO_1_8_7_RC2, …+ 1 more
- (no CPE)range: CHAMILO_1_8_7_ALPHA_1, CHAMILO_1_8_7_ALPHA_2, CHAMILO_1_8_7_RC2, …
- (no CPE)range: =1.11.8
Patches
Vulnerability mechanics
References
2- github.com/chamilo/chamilo-lms/commit/bfa1eccfabb457b800618d9d115f12dc614a55dfmitrex_refsource_MISC
- support.chamilo.org/projects/1/wiki/Security_issuesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.