[ { "id": 825358517, "name": "chamilo-lms-unauthenticated-big-upload-rce-poc", "full_name": "m3m0o\/chamilo-lms-unauthenticated-big-upload-rce-poc", "owner": { "login": "m3m0o", "id": 130102748, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130102748?v=4", "html_url": "https:\/\/github.com\/m3m0o" }, "html_url": "https:\/\/github.com\/m3m0o\/chamilo-lms-unauthenticated-big-upload-rce-poc", "description": "This is a script written in Python that allows the exploitation of the Chamilo's LMS software security flaw described in CVE-2023-4220", "fork": false, "created_at": "2024-07-07T15:08:30Z", "updated_at": "2024-07-07T18:15:02Z", "pushed_at": "2024-07-07T18:14:56Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 0 }, { "id": 825375455, "name": "Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", "full_name": "dollarboysushil\/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", "owner": { "login": "dollarboysushil", "id": 48991715, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48991715?v=4", "html_url": "https:\/\/github.com\/dollarboysushil" }, "html_url": "https:\/\/github.com\/dollarboysushil\/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", "description": "Unrestricted file upload in big file upload functionality in `\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.", "fork": false, "created_at": "2024-07-07T15:53:54Z", "updated_at": "2024-07-07T16:23:54Z", "pushed_at": "2024-07-07T16:18:13Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "chamilo-exploit", "chamilo-lms", "cve-2023-4220", "file-upload-vulnerability", "hackthebox" ], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 0 }, { "id": 825400213, "name": "CVE-2023-4220", "full_name": "charlesgargasson\/CVE-2023-4220", "owner": { "login": "charlesgargasson", "id": 26895987, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4", "html_url": "https:\/\/github.com\/charlesgargasson" }, "html_url": "https:\/\/github.com\/charlesgargasson\/CVE-2023-4220", "description": "https:\/\/starlabs.sg\/advisories\/23\/23-4220\/", "fork": false, "created_at": "2024-07-07T16:57:18Z", "updated_at": "2024-07-07T18:01:38Z", "pushed_at": "2024-07-07T17:48:10Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "2023", "beersel", "bigupload", "chamilo", "chamilo-lms", "cve", "cve-2023-4220", "exploit", "lms", "poc", "rce" ], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 0 } ]