A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
Metrics
Affected Vendors & Products
References
History
Wed, 23 Oct 2024 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-09T00:26:26.801Z
Reserved: 2023-06-07T00:00:00.000Z
Link: CVE-2023-34960
Updated: 2026-07-09T00:26:26.801Z
Status : Modified
Published: 2023-08-01T02:15:10.307
Modified: 2026-06-17T06:04:09.833
Link: CVE-2023-34960
No data.
OpenCVE Enrichment
No data.