Description
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-5838 Vulnerability (CVE-2013-5838)
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2024-55638)
WordPress Plugin WordPress Social Stream Information Disclosure (1.6)
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.26)
Oracle Application Server CVE-2007-5520 Vulnerability (CVE-2007-5520)