Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Educational

Chamilo

Chamilo is a fully-fledged e-learning system. Get your teachers and trainers up and teaching in no time. Some of our users report a 1/5 ratio in training time compared to the most famous open-source LMS to get them ready. Trainers can get to work in just one day The future of teaching is bright and so is Chamilo.

Official Site:

https://chamilo.org/

Severity Summary:

Critical: 22 High: 50 Medium: 70 Low: 1
Reference
Title
Severity
CVE-2023-37066
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-37067
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2026-1106
Chamilo Incorrect Privilege Assignment Vulnerability
Medium
CVE-2025-52564
Chamilo Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability
Medium
CVE-2025-50186
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-31802
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-27422
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-32925
Chamilo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2023-31806
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-31805
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-31804
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-31803
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-50198
Chamilo Deserialization of Untrusted Data Vulnerability
Medium
CVE-2025-52563
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-31801
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-52468
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-31800
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-52470
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-52475
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-52476
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-31799
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-51142
Chamilo Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-39061
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability
Low