Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-20329 - Vulnerability Database

Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-20329

High
Reference: CVE-2018-20329
Title: Chamilo Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information.