Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Chamilo Session Fixation Vulnerability - CVE-2026-31940 - Vulnerability Database
Chamilo

Chamilo Session Fixation Vulnerability - CVE-2026-31940

High
Reference: CVE-2026-31940
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2026-31940
Title: Chamilo Session Fixation Vulnerability
Overview:

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3 in main/lp/aicc_hacp.php user-controlled request parameters are directly used to set the PHP session ID before loading global bootstrap. This leads to session fixation. This vulnerability is fixed in 1.11.38 and 2.0.0-RC.3.