Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Educational

Chamilo

Chamilo is a fully-fledged e-learning system. Get your teachers and trainers up and teaching in no time. Some of our users report a 1/5 ratio in training time compared to the most famous open-source LMS to get them ready. Trainers can get to work in just one day The future of teaching is bright and so is Chamilo.

Official Site:

https://chamilo.org/

Severity Summary:

Critical: 22 High: 50 Medium: 70 Low: 1
Reference
Title
Severity
CVE-2026-31939
Chamilo Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2023-4224
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2026-40291
Chamilo Improper Privilege Management Vulnerability
High
CVE-2025-50197
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2026-35196
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2026-34602
Chamilo Authorization Bypass Through User-Controlled Key Vulnerability
High
CVE-2023-4226
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2023-4225
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2026-33710
Chamilo Use of Insufficiently Random Values Vulnerability
High
CVE-2025-50194
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2025-50196
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2023-4221
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2026-30875
Chamilo Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2026-30881
Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2026-33706
Chamilo Improper Privilege Management Vulnerability
High
CVE-2026-29041
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2026-33704
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2025-59541
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2026-33702
Chamilo Authorization Bypass Through User-Controlled Key Vulnerability
High
CVE-2026-32931
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2025-50195
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2026-32930
Chamilo Authorization Bypass Through User-Controlled Key Vulnerability
High
CVE-2025-50188
Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2025-50189
Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2026-32894
Chamilo NULL Pointer Dereference Vulnerability
High
CVE-2025-50191
Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2026-32892
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2025-50193
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2024-47886
Chamilo Deserialization of Untrusted Data Vulnerability
High
CVE-2026-34160
Chamilo Missing Authentication for Critical Function Vulnerability
High