Unrestricted file upload in `/main/inc/ajax/exercise.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: STAR_Labs
Published: 2023-11-28T07:22:04.207Z
Updated: 2024-08-02T07:17:12.131Z
Reserved: 2023-08-08T06:52:34.311Z
Link: CVE-2023-4225

Updated: 2024-08-02T07:17:12.131Z

Status : Modified
Published: 2023-11-28T08:15:09.607
Modified: 2024-11-21T08:34:39.723
Link: CVE-2023-4225

No data.