Chamilo Improper Handling of Case Sensitivity Vulnerability - CVE-2023-3545
Improper sanitisation in main/inc/lib/fileUpload.lib.php in Chamilo LMS lt v1.11.20 on Windows and Apache installations allows unauthenticated attackers to bypass file upload security protections and obtain remote code execution via uploading of .htaccess file. This vulnerability may be exploited by privileged attackers or chained with unauthenticated arbitrary file write vulnerabilities such as CVE-2023-3533 to achieve remote code execution.