Description
An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11.* up to v1.11.18 allows attackers to execute arbitrary code via uploading a crafted SVG file.
Remediation
References
Related Vulnerabilities
MySQL Use of Externally-Controlled Format String Vulnerability (CVE-2008-3963)
Grafana Incorrect Authorization Vulnerability (CVE-2021-28146)
Drupal Core 7.x Arbitrary File Overwrite (7.0 - 7.77)
WordPress Plugin iQ Block Country Cross-Site Scripting (1.2.11)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6897)