CVE-2018-25158
Arbitrary File Upload in Chamilo LMS elfinder Enables RCE
Publication date: 2026-02-20
Last updated on: 2026-02-20
Assigner: VulnCheck
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| chamilo | chamilo_lms | 1.11.8 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
AI Powered Q&A
Can you explain this vulnerability to me?
Chamilo LMS version 1.11.8 has an arbitrary file upload vulnerability in its elfinder filemanager module. Authenticated users can upload files that contain image headers in the social myfiles section. These files can then be renamed to have PHP extensions, allowing the attacker to execute arbitrary PHP code by accessing the uploaded files.
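The weakness described above is a content check that runs at upload time but not when the file is later renamed. The following is an added example, not code from Chamilo or elFinder, of one defensive pattern: a single name-and-content rule applied to both operations. The function name, the allowlist and the sample bytes are assumptions made for illustration.

```php
<?php
// Added illustration; not Chamilo or elFinder code. All names are hypothetical.

// Constructed allowlist: extension => MIME type the content must sniff as.
const ALLOWED_TYPES = [
    'png'  => 'image/png',
    'gif'  => 'image/gif',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
];

/**
 * Decide whether a stored file with the given content may carry $name.
 * Intended to be called for BOTH upload and rename, so that a rename
 * cannot sidestep the check performed at upload time.
 */
function nameIsAllowed(string $name, string $content): bool
{
    // Reject path components, control bytes, and trailing dots or spaces.
    if ($name !== basename($name) || preg_match('/[\x00-\x1f\/\\\\]|[. ]$/', $name)) {
        return false;
    }
    // Every dot-separated suffix must be allowlisted, so "a.php.gif" and
    // "a.gif.php" are both refused.
    $parts = explode('.', strtolower($name));
    array_shift($parts);               // drop the base name
    if ($parts === []) {
        return false;                  // no extension at all
    }
    foreach ($parts as $ext) {
        if (!isset(ALLOWED_TYPES[$ext])) {
            return false;
        }
    }
    // The sniffed content type must match the final extension.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->buffer($content);
    return $mime === ALLOWED_TYPES[end($parts)];
}

// Constructed sample: image header bytes followed by PHP source.
$sample = "GIF89a" . '<?php echo "x"; ?>';

var_dump(nameIsAllowed('avatar.gif', $sample));     // name used at upload time
var_dump(nameIsAllowed('avatar.php', $sample));     // rename target with a PHP extension
var_dump(nameIsAllowed('avatar.php.gif', $sample)); // double extension
```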
How can this vulnerability impact me?
This vulnerability allows an authenticated user to upload and execute arbitrary PHP code on the server. This can lead to unauthorized code execution, potentially compromising the server, accessing sensitive data, modifying or deleting information, and disrupting the normal operation of the Chamilo LMS.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know