Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2023-3368 - Vulnerability Database
Chamilo

Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability - CVE-2023-3368

Critical
Reference: CVE-2023-3368
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-3368
Title: Chamilo Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Overview:

Command injection in /main/webservices/additional_webservices.php in Chamilo LMS lt v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters. This is a bypass of CVE-2023-34960.