Description

An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11.* up to v1.11.18 allows attackers to execute arbitrary code via uploading a crafted SVG file.

Remediation

References

CVE-2023-34944

Related Vulnerabilities

Joomla Improper Input Validation Vulnerability (CVE-2016-8870)

WordPress Plugin Airtight Security & Features Formerly Redirect Editor And Security Unspecified Vulnerability (1.3)

WordPress Plugin Easy Google Fonts Cross-Site Scripting (1.3.6)

Liferay Portal CVE-2020-15840 Vulnerability (CVE-2020-15840)

WordPress Plugin Be POPIA Compliant Information Disclosure (1.1.5)

Severity

Critical

Classification

CVE-2023-34944 CWE-434 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities