CVE-2018-25158

HIGH 8.8

Chamilo LMS 1.11.8 Arbitrary File Upload via elfinder

CVSS Score

8.8

EPSS Score

0.0%

EPSS Percentile

0th

Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users to upload and execute PHP files through the elfinder filemanager module. Attackers can upload files with image headers in the social myfiles section, rename them to PHP extensions, and execute arbitrary code by accessing the uploaded files.

CWE	CWE-434
Vendor	chamilo
Product	chamillo lms
Published	Feb 20, 2026
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for chamilo chamillo lms

Be the first to know when new high vulnerabilities affecting chamilo chamillo lms are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Chamilo / Chamillo LMS

Chamilo 1.11.8 or lower to 1.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/47423 github.com: https://github.com/chamilo/chamilo-lms vulncheck.com: https://www.vulncheck.com/advisories/chamilo-lms-arbitrary-file-upload-via-elfinder

Credits

Sohel Yousef