2
1
1
0
Vulnerability Timeline
2 vulnerabilities discovered over time for Chamilo lms
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2025-50186 | 4.8 | An attacker can upload a specially crafted CSV file that contains malicious code, which can then execute JavaScript when viewed by administrators or users who can access import logs. This vulnerability affects versions prior to 1.11.30 and relies on the attacker being able to upload files with unsafe names. | chamilochamilo lms | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2024-50337 | 5.3 | This vulnerability allows an attacker to trick the Chamilo learning management system into making requests to any URL on the server's behalf, potentially exposing sensitive information. It affects versions prior to 1.11.28 and requires no authentication, making it easier for attackers to exploit. | chamilochamilo lms | Theoretical | about 1 month agoMar 2, 2026 |
About Chamilo Chamilo lms Security
This page provides comprehensive security vulnerability tracking for Chamilo Chamilo lms. Our database includes all CVEs affecting this product, updated in real-time from official sources.
Each vulnerability listing includes detailed CVSS severity analysis, exploit availability status, AI-generated explanations, and direct links to official security patches and vendor advisories.
Security Recommendations
- • Always keep Chamilo lms updated to the latest version
- • Subscribe to security advisories from Chamilo
- • Monitor this page for new vulnerabilities affecting your version
- • Prioritize patching critical and high severity issues immediately