CVE-2013-6787

Chamilo LMS <= 1.9.6 - Authenticated SQL Injection via password0 Parameter


Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-6787. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary
The advisory describes a SQL injection in Chamilo LMS 1.9.6 and earlier: the 'password0' POST parameter handled by check_user_password() in /main/auth/profile.php is placed into a SQL query without adequate validation, so an authenticated user can execute arbitrary SQL commands. The injection is only reachable when the installation was set up in the non-encrypted password mode; in the md5/sha1 modes the submitted value is hashed before it reaches the query, which removes the attacker-controlled characters.

Description

SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and earlier, when using the non-encrypted passwords mode set at installation, allows remote authenticated users to execute arbitrary SQL commands via the "password0" parameter.
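The following is an added illustration, not Chamilo's code and not the published PoC. It models the pattern the description names: a password re-check routine that splices the submitted value into SQL, run once with the "none" password mode and once with sha1 hashing, beside a parameterized version. The table layout, the function names check_user_password_vulnerable / check_user_password_fixed and the tautology payload are all constructed for the example; the point it shows is why the advisory's "non-encrypted passwords mode" prerequisite exists.

```python
import hashlib
import sqlite3

# Constructed example: a minimal model of a "verify the current user's
# password before a profile change" routine. NOT Chamilo's code; the table
# layout and function names are assumptions made for the illustration.

def encode(password, encryption):
    """Store-side form of a password under the install-time encryption mode."""
    if encryption == "none":
        return password
    if encryption == "sha1":
        return hashlib.sha1(password.encode()).hexdigest()
    if encryption == "md5":
        return hashlib.md5(password.encode()).hexdigest()
    raise ValueError("unknown encryption mode: %s" % encryption)

def make_db(encryption):
    """In-memory user table populated the way an install in the given
    password-encryption mode would store the passwords (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (user_id INTEGER, username TEXT, password TEXT)")
    conn.execute("INSERT INTO user VALUES (1, 'admin', ?)", (encode("s3cret", encryption),))
    conn.execute("INSERT INTO user VALUES (2, 'student', ?)", (encode("pass1234", encryption),))
    conn.commit()
    return conn

def check_user_password_vulnerable(conn, user_id, password0, encryption):
    """Vulnerable pattern (CWE-89): the submitted value is concatenated into
    the query. With md5/sha1 storage the value is hashed first and only hex
    reaches the SQL, so the concatenation is exploitable only in 'none' mode."""
    stored_form = encode(password0, encryption)
    sql = ("SELECT COUNT(*) FROM user WHERE user_id=%d AND password='%s'"
           % (int(user_id), stored_form))
    return conn.execute(sql).fetchone()[0] > 0

def check_user_password_fixed(conn, user_id, password0, encryption):
    """Hardened form: bound parameters; the encryption mode no longer
    decides whether attacker-controlled characters become SQL."""
    stored_form = encode(password0, encryption)
    row = conn.execute(
        "SELECT COUNT(*) FROM user WHERE user_id=? AND password=?",
        (int(user_id), stored_form),
    ).fetchone()
    return row[0] > 0

# Constructed tautology: in 'none' mode the WHERE clause becomes
#   user_id=2 AND password='' OR '1'='1'   which is always true.
PAYLOAD = "' OR '1'='1"

def demo():
    """Run both routines in both modes for user_id 2 ('student')."""
    results = {}
    for mode in ("none", "sha1"):
        conn = make_db(mode)
        results[mode] = {
            "real_password_vuln": check_user_password_vulnerable(conn, 2, "pass1234", mode),
            "real_password_fixed": check_user_password_fixed(conn, 2, "pass1234", mode),
            "payload_vuln": check_user_password_vulnerable(conn, 2, PAYLOAD, mode),
            "payload_fixed": check_user_password_fixed(conn, 2, PAYLOAD, mode),
        }
        conn.close()
    return results

if __name__ == "__main__":
    for mode, r in demo().items():
        print(mode, r)
```

Running it shows the payload passing the vulnerable check only in "none" mode and failing everywhere else, which is exactly the configuration dependency stated in the description: the fix is parameterization, not the hashing mode, since hashing merely happens to strip the injection characters.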

Exploits (1)

exploitdb WRITEUP VERIFIED
by High-Tech Bridge SA · text · webapps · php
https://www.exploit-db.com/exploits/30012


Classification
Writeup 100%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Chamilo LMS 1.9.6 and prior
Auth required
Prerequisites: Authenticated access to the application · Application configured with password encryption set to 'none'
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.0274
EPSS Percentile 84.2%

Details

CWE
CWE-89
Status published
Products (10)
chamilo/chamilo_lms 1.8.6.2
chamilo/chamilo_lms 1.8.7
chamilo/chamilo_lms 1.8.7.1
chamilo/chamilo_lms 1.8.8.2
chamilo/chamilo_lms 1.8.8.4
chamilo/chamilo_lms 1.8.8.6
chamilo/chamilo_lms 1.9.0
chamilo/chamilo_lms 1.9.2
chamilo/chamilo_lms 1.9.4
chamilo/chamilo_lms < 1.9.6
Published Dec 05, 2013
Tracked Since Feb 18, 2026