| # | CVSS | Severity | Vector | Vendor | Product | Description | Status | CWE | CVE | Updated | Published |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 11 | 9.8 | CRITICAL | Network | chamilo | chamilo_lms | Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, the default password reset mechanism generates tokens using sha1($email) with no random component, no expiration, and no … | New | CWE-640 Weak Password Recovery Mechanism for Forgotten Password | CVE-2026-33707 | 2026-04-17 03:25 | 2026-04-11 |
| 12 | 6.5 | MEDIUM | Network | chamilo | chamilo_lms | Chamilo LMS is a learning management system. Prior to 1.11.38, the get_user_info_from_username REST API endpoint returns personal information (email, first name, last name, user ID, active status) of… | New | CWE-862 Missing Authorization | CVE-2026-33708 | 2026-04-17 03:25 | 2026-04-11 |
| 13 | 7.5 | HIGH | Network | chamilo | chamilo_lms | Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, REST API keys are generated using md5(time() + (user_id * 5) - rand(10000, 10000)). The rand(10000, 10000) call always re… | New | CWE-330 Use of Insufficiently Random Values | CVE-2026-33710 | 2026-04-17 03:24 | 2026-04-11 |
| 14 | 6.5 | MEDIUM | Network | chamilo | chamilo_lms | Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user (including ROLE_STUDENT) can enumerate all platform users and access personal information (email, phone, roles… | New | CWE-639 Authorization Bypass Through User-Controlled Key | CVE-2026-33736 | 2026-04-17 03:23 | 2026-04-11 |
| 15 | 6.5 | MEDIUM | Network | chamilo | chamilo_lms | Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, multiple files use simplexml_load_string() without XXE protection. With LIBXML_NOENT flag, arbitrary server files can be … | New | CWE-611 XXE | CVE-2026-33737 | 2026-04-17 03:22 | 2026-04-11 |
| 16 | 7.3 | HIGH | Local | - | - | In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory. | New | CWE-24 Path Traversal: '../filedir' | CVE-2026-41082 | 2026-04-17 03:16 | 2026-04-17 |
| 17 | 7.3 | HIGH | Network | - | - | SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php. | New | CWE-89 SQL Injection | CVE-2026-37337 | 2026-04-17 03:16 | 2026-04-17 |
| 18 | 7.3 | HIGH | Network | - | - | SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php. | New | CWE-89 SQL Injection | CVE-2026-37336 | 2026-04-17 03:16 | 2026-04-17 |
| 19 | - | | | - | - | DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the orderDirection parameter used in dataset-related endpoint… | New | CWE-89 SQL Injection | CVE-2026-33083 | 2026-04-17 03:16 | 2026-04-17 |
| 20 | - | | | - | - | DataEase is an open source data visualization analysis tool. Versions 2.10.20 and below contain a SQL injection vulnerability in the dataset export functionality. The expressionTree parameter in POST… | New | CWE-89 SQL Injection | CVE-2026-33082 | 2026-04-17 03:16 | 2026-04-17 |