CVE-2018-20329

Published: 2018-12-21T06:29Z

Last Modified: 2024-11-21T04:01Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt