Chamilo 厂商漏洞列表 / CVE 中文分析 83

Chamilo 厂商相关 83 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

Chamilo 是一款开源学习管理系统，旨在提供灵活的教育平台。其历史漏洞记录显示，常见风险包括远程代码执行、跨站脚本及越权访问，累计已收录 83 条 CVE。这些缺陷多源于输入验证不足或权限逻辑缺陷。尽管存在安全风险，该项目仍持续通过补丁更新修复问题。用户需关注官方安全公告，及时升级版本以缓解潜在威胁，确保教育数据与系统环境的稳定性。

上位製品 Chamilo: chamilo-lms Chamilo LMS Chamillo LMS

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2025-50191	Chamilo: Error-based SQL Injection via POST userFile with the /main/exercise/hotpotatoes.php script — chamilo-lmsCWE-89	9.8^AI	Critical^AI	2026-03-02
CVE-2025-50190	Chamilo: Error-based SQL Injection via GET openid.assoc_handle with the /index.php script — chamilo-lmsCWE-89	9.8^AI	Critical^AI	2026-03-02
CVE-2025-50189	Chamilo: Error-based SQL Injection — chamilo-lmsCWE-89	9.8^AI	Critical^AI	2026-03-02
CVE-2025-50188	Error-based SQL Injection in Chamilo LMS — chamilo-lmsCWE-89	9.8^AI	Critical^AI	2026-03-02
CVE-2025-52482	Chamilo: Stored XSS in glossary function via /main/glossary/index.php trigger in /main/tracking/course_log_resources.php — chamilo-lmsCWE-79	8.3	High	2026-03-02
CVE-2025-50187	Chamilo: Evaluation of untrusted user input leads to Remote Code Execution — chamilo-lmsCWE-95	9.8	Critical	2026-03-02
CVE-2025-50186	Chamilo: Stored XSS via Malicious CSV Filename in user_import.php — chamilo-lmsCWE-79	4.8	Medium	2026-03-02
CVE-2024-50337	Chamilo: Potential unauthenticated blind SSRF via openid function — chamilo-lmsCWE-918	5.3	Medium	2026-03-02
CVE-2024-47886	Chamilo: Post-Auth Remote Code Execution — chamilo-lmsCWE-502	7.2^AI	High^AI	2026-03-02
CVE-2018-25158	Chamilo LMS 1.11.8 Arbitrary File Upload via elfinder — Chamillo LMSCWE-434	8.8	High	2026-02-20
CVE-2026-1106	Chamilo LMS Legal Consent SocialController.php deleteLegal improper authorization — LMSCWE-285	5.4	Medium	2026-01-18
CVE-2023-4225	Chamilo LMS File Upload Functionality Remote Code Execution — ChamiloCWE-434	8.8	High	2023-11-28
CVE-2023-4226	Chamilo LMS File Upload Functionality Remote Code Execution — ChamiloCWE-434	8.8	High	2023-11-28
CVE-2023-4224	Chamilo LMS File Upload Functionality Remote Code Execution — ChamiloCWE-434	8.8	High	2023-11-28
CVE-2023-4223	Chamilo LMS File Upload Functionality Remote Code Execution — ChamiloCWE-434	8.8	High	2023-11-28
CVE-2023-4222	Chamilo LMS Learning Path PPT2LP Command Injection Vulnerability — ChamiloCWE-78	7.2	High	2023-11-28
CVE-2023-4221	Chamilo LMS Learning Path PPT2LP Command Injection Vulnerability — ChamiloCWE-78	7.2	High	2023-11-28
CVE-2023-4220	Chamilo LMS Unauthenticated Big Upload File Remote Code Execution — ChamiloCWE-434	8.1	High	2023-11-28
CVE-2023-3545	Chamilo LMS Htaccess File Upload Security Bypass — ChamiloCWE-178	9.8	Critical	2023-11-28
CVE-2023-3533	Chamilo LMS Unauthenticated Remote Code Execution via Arbitrary File Write — ChamiloCWE-22	9.8	Critical	2023-11-28
CVE-2023-3368	Chamilo LMS Unauthenticated Command Injection — ChamiloCWE-78	9.8	Critical	2023-11-28
CVE-2013-0739	Chamilo 跨站脚本漏洞 — Chamilo	6.1	-	2020-01-30
CVE-2013-0738	Chamilo 跨站脚本漏洞 — Chamilo	6.1	-	2020-01-30

本页汇总了 Chamilo 厂商截至目前公开的全部 83 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

Chamilo 厂商漏洞列表 / CVE 中文分析 83

目標達成すべての支援者に感謝 — 100%達成しました！