ByteOS Network

CVE Vulnerability Details :

CVE-2025-50194

PUBLISHED

More Info Official Page

Assigner-GitHub_M

Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa

Published At-02 Mar, 2026 | 15:16

Updated At-02 Mar, 2026 | 15:16

▼CVE Numbering Authority (CNA)

Chamilo: OS Command Injection in /main/cron/lang/check_parse_lang.php

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/cron/lang/check_parse_lang.php. This issue has been patched in version 1.11.30.

Affected Products

Vendor

chamilo

Product

chamilo-lms

Versions

Affected

< 1.11.30

Problem Types

Type	CWE ID	Description
CWE	CWE-78	CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Type: CWE

CWE ID: CWE-78

Description: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Metrics

Version	Base score	Base severity	Vector
4.0	7.1	HIGH	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

Version: 4.0

Base score: 7.1

Base severity: HIGH

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

References

Hyperlink	Resource
https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-xrr6-wv8p-5v3p	x_refsource_CONFIRM
https://github.com/chamilo/chamilo-lms/commit/4d07349340543b9c913e76f8cb436a4570500ce2	x_refsource_MISC
https://github.com/chamilo/chamilo-lms/releases/tag/v1.11.30	x_refsource_MISC

Hyperlink: https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-xrr6-wv8p-5v3p

Resource:

x_refsource_CONFIRM

Hyperlink: https://github.com/chamilo/chamilo-lms/commit/4d07349340543b9c913e76f8cb436a4570500ce2

Resource:

x_refsource_MISC

Hyperlink: https://github.com/chamilo/chamilo-lms/releases/tag/v1.11.30

Resource:

x_refsource_MISC

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References