CVE-2026-28430

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-28430

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-28430.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-28430

Aliases

GHSA-84gw-qjw9-v8jv

Published

2026-03-16T19:13:58.544Z

Modified

2026-04-10T05:41:08.874357Z

Severity

9.3 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N CVSS Calculator

Summary

Chamilo LMS Vulnerable to Unauthenticated SQL Injection in chamiko-lms model.ajax.php

Details

Chamilo LMS is a learning management system. Prior to version 1.11.34, there is an unauthenticated SQL injection vulnerability which allows remote attackers to execute arbitrary SQL commands via the custom_dates parameter. By chaining this with a predictable legacy password reset mechanism, an attacker can achieve full administrative account takeover without any prior credentials. The vulnerability also exposes the entire database, including PII and system configurations. This issue has been patched in version 1.11.34.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-89"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/28xxx/CVE-2026-28430.json"
}

References

Affected packages

Git / github.com/chamilo/chamilo-lms

Affected ranges

Type: GIT
Repo: https://github.com/chamilo/chamilo-lms
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

7eb5c84dbd65b950c1ccfbc6b0262d60b04e40b7

Affected versions

Other

CHAMILO_1_8_7_ALPHA_1

CHAMILO_1_8_7_ALPHA_2

CHAMILO_1_8_7_RC2

CHAMILO_1_8_7_RC_1

CHAMILO_1_8_7_STABLE

CHAMILO_1_8_7_STABLE_BIS

CHAMILO_1_8_8_2_RC_1

CHAMILO_1_8_8_2_STABLE

CHAMILO_1_8_8_2_STABLE_2

CHAMILO_1_8_8_4_STABLE

CHAMILO_1_8_8_ALPHA

CHAMILO_1_8_8_BETA_1

CHAMILO_1_8_8_BETA_2

CHAMILO_1_9_0_ALPHA_1

CHAMILO_1_9_0_ALPHA_2

CHAMILO_1_9_0_ALPHA_4

CHAMILO_1_9_0_PRE_ALPHA

CHAMILO_1_9_0_RC_1

CHAMILO_1_9_0_STABLE_2

CHAMILO_1_9_0_STABLE_3

CHAMILO_1_9_2_STABLE

CHAMILO_1_9_2_STABLE_QUARTER

CHAMILO_1_9_4_ALPHA_1

CHAMILO_1_9_4_RC_1

CHAMILO_1_9_4_STABLE

CHAMILO_1_9_6_RC_1

CHAMILO_1_9_6_RC_2

CHAMILO_1_9_6_STABLE

CHAMILO_1_8_8.*

CHAMILO_1_8_8.3_STABLE_4

v1.*

v1.11.10

v1.11.12

v1.11.14

v1.11.14-beta.1

v1.11.18

v1.11.20

v1.11.20-beta.1

v1.11.22

v1.11.22-beta.1

v1.11.22-beta.2

v1.11.24

v1.11.26

v1.11.26-rc.1

v1.11.28

v1.11.30

v1.11.30-rc.1

v1.11.32

v1.11.6

v1.11.6-alpha.1

v1.8.6.1

v1.9.8

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-28430.json"