Browse all 83 CVE security advisories affecting chamilo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Chamilo is an open-source learning management system designed for educational institutions and corporate training environments, facilitating online course delivery and student management. Security audits reveal a significant history of vulnerabilities, with eighty-three Common Vulnerabilities and Exposures (CVEs) currently documented. These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and weak access controls in older versions. Notable incidents include arbitrary file upload vulnerabilities that allowed attackers to execute malicious scripts on the server, compromising system integrity. The platform’s reliance on legacy PHP frameworks has contributed to these recurring security issues, necessitating rigorous patching and configuration hardening. While newer iterations have improved security postures, the extensive CVE record highlights the critical need for continuous monitoring and secure coding practices to mitigate risks associated with its widespread deployment in academic settings.
CVE-2026-308812026-04-18GHSA-273p-jw9w-3g222026-04-18CVE-2026-341602026-04-18CVE-2026-351962026-04-18GHSA-hc3c-8p55-xh4r2026-03-03CVE-2025-501952026-03-03CVE-2025-501972026-03-03GHSA-xrr6-wv8p-5v3p2026-03-03CVE-2024-478862026-03-03Showing up to 20 recent security advisories. View all →
This page lists every published CVE security advisory associated with chamilo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.