Vulnerability Description
Chamilo LMS is a learning management system. Prior to version 1.11.34, there is an unauthenticated SQL injection vulnerability which allows remote attackers to execute arbitrary SQL commands via the custom_dates parameter. By chaining this with a predictable legacy password reset mechanism, an attacker can achieve full administrative account takeover without any prior credentials. The vulnerability also exposes the entire database, including PII and system configurations. This issue has been patched in version 1.11.34.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chamilo | Chamilo Lms | < 1.11.34 |
Related Weaknesses (CWE)
References
- https://github.com/chamilo/chamilo-lms/releases/tag/v1.11.34ProductRelease Notes
- https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-84gw-qjw9-v8jvVendor Advisory
FAQ
What is CVE-2026-28430?
CVE-2026-28430 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Chamilo LMS is a learning management system. Prior to version 1.11.34, there is an unauthenticated SQL injection vulnerability which allows remote attackers to execute arbitrary SQL commands via the c...
How severe is CVE-2026-28430?
CVE-2026-28430 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-28430?
Check the references section above for vendor advisories and patch information. Affected products include: Chamilo Chamilo Lms.