Skip to content

One brick to the IT world

@manfromkz

  • Home
  • About
  • Contact

Tag: chamilo

CVE-2021-34187. Unauthenticated SQL injection in Chamilo LMS 1.11.x and (dev version of) 2.0

Lack of sanitization of GET-parameters searchField, filters, filters2 in /main/inc/ajax/model.ajax.php leads to the multiple unauthorized SQL injections in Chamilo LMS 1.11.x and (dev version of) 2.0

Published June 20, 2021
Categorized as PHP, Research Tagged chamilo, open source, research, SQL-injection

Recent Posts

  • Interesting case with code execution in Nmap
  • Multiple vulnerabilities in LibreHealth EHR 2.0.0 part 2
  • Multiple vulnerabilities in LibreHealth EHR 2.0.0
  • Video course “Ethical hacking and Penetration testing”
  • We won The Standoff 365. Again.

Recent Comments

  • nomi on Review of PHP backdoors

Categories

  • CTF (2)
  • PHP (9)
  • Research (10)
  • Uncategorized (4)
One brick to the IT world
Proudly powered by WordPress.