Description

SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions.

Remediation

References

CVE-2023-39582

Related Vulnerabilities

PHP Improper Input Validation Vulnerability (CVE-2007-6039)

WordPress Plugin BuddyStream Multiple Cross-Site Scripting Vulnerabilities (2.6.2)

WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Multiple Cross-Site Scripting Vulnerabilities (4.5.0)

WordPress Plugin bbPress Social Network Multiple Cross-Site Scripting Vulnerabilities (9.2)

WordPress Plugin Eu Cookie Notice Cross-Site Request Forgery (1.0.6)

Severity

Medium

Classification

CVE-2023-39582 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities