Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Educational

Chamilo

Chamilo is a fully-fledged e-learning system. Get your teachers and trainers up and teaching in no time. Some of our users report a 1/5 ratio in training time compared to the most famous open-source LMS to get them ready. Trainers can get to work in just one day The future of teaching is bright and so is Chamilo.

Official Site:

https://chamilo.org/

Severity Summary:

Critical: 19 High: 34 Medium: 59 Low: 1
Reference
Title
Severity
CVE-2025-52469
Chamilo Improper Enforcement of Behavioral Workflow Vulnerability
High
CVE-2025-50196
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2023-34962
Chamilo Other Vulnerability
High
CVE-2025-50195
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2025-50194
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2025-50193
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2012-4030
Chamilo Improper Input Validation Vulnerability
High
CVE-2025-50191
Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2025-50189
Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2025-50188
Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2024-47886
Chamilo Deserialization of Untrusted Data Vulnerability
High
CVE-2018-20329
Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2025-59541
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2026-29041
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2023-4221
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2023-4225
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2021-40662
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2022-27427
Chamilo Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2022-27426
Chamilo Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2021-35413
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
High
CVE-2022-27421
Chamilo Improper Privilege Management Vulnerability
High
CVE-2022-42029
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2022-40407
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2025-52475
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-52470
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-52476
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-52468
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-9540
Chamilo URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2025-50198
Chamilo Deserialization of Untrusted Data Vulnerability
Medium
CVE-2022-27422
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium