Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2025-50193 - Vulnerability Database

Chamilo

Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2025-50193

High

Reference: CVE-2025-50193

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-50193

Title: Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability

Overview:

Chamilo is a learning management system. Prior to version 1.11.30 there is an OS command Injection vulnerability in /plugin/vchamilo/views/import.php with the POST to_main_database parameter. This issue has been patched in version 1.11.30.