Description
Chamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows authenticated users with access to 'big file uploads' to copy/move files from anywhere in the file system into the web directory.
Remediation
References
Related Vulnerabilities
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.18)
WordPress Plugin Email Encoder-Protect Email Addresses Cross-Site Scripting (2.1.1)
MediaWiki CVE-2023-29139 Vulnerability (CVE-2023-29139)
WordPress Plugin User Photo Cross-Site Scripting (0.9.5.1)
WordPress Plugin Tune Library 'letter' Parameter SQL Injection (1.5.1)