Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-20329 - Vulnerability Database
Chamilo

Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-20329

High
Reference: CVE-2018-20329
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-20329
Title: Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information.