CVE-2012-4030

HIGH

Chamilo < 1.8.8.6 - Arbitrary File Deletion via index.php Input Handling

Title source: llm
STIX 2.1

Description

Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files.

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0134
EPSS Percentile 67.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-20
Status published
Products (1)
chamilo/chamilo_lms < 1.8.8.6
Published Jan 10, 2020
Tracked Since Feb 18, 2026