Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-105809. PoCs published by Rehan Ahmed.
AI-analyzed exploit summary The exploit demonstrates multiple XSS (Stored and Reflected) and CSRF vulnerabilities in Chamilo LMS 1.9.10 and prior versions. It includes detailed PoC requests and payloads for exploiting these vulnerabilities.
Description
Chamilo LMS 1.9.10 - Multiple Vulnerabilities
Exploits (1)
exploitdb
WORKING POC
by Rehan Ahmed · textwebappsphp
https://www.exploit-db.com/exploits/36435
The exploit demonstrates multiple XSS (Stored and Reflected) and CSRF vulnerabilities in Chamilo LMS 1.9.10 and prior versions. It includes detailed PoC requests and payloads for exploiting these vulnerabilities.
Classification
Working Poc 95%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Chamilo LMS 1.9.10 and prior
Auth required
Prerequisites:
Valid user account credentials · Access to the target application
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026