upload security issues
Any anonymous visitor can upload files to chamilo-user folders via repository/php/ajax/upload_image.class.php. It is enough to send an HTTP POST request to Chamilo's ajax.php with the following parameters:
user_id=<any user id>
This allows DoS attacks by flooding the server's filesystem, or attacks on specific users by flooding their folder and surpassing their quotas.
Secondly, common/libraries/plugin/jquery-old/uploadify2/example/scripts/uploadify.php contains example code that allows users to upload arbitrary files to arbitrary locations within a chamilo installation. The example script folder should be removed, or the move_uploaded_file line should be commented out.
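The server-side checks that both findings call for, as an added example that is not Chamilo code: the owner comes from the authenticated session instead of a posted user_id, and the destination path is built entirely by the server. The function names, the `user_id` session key, the image extension allowlist and the quota argument are assumptions made for illustration.

```php
<?php
// Added example, not Chamilo code; every name below is hypothetical.
// Intended call: store_user_upload($_SESSION, $_FILES['file'], $userRoot, $quota)
const ALLOWED_EXT = ['jpg', 'jpeg', 'png', 'gif']; // assumed image-only policy

function dir_size(string $dir): int
{
    $total = 0;
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($it as $f) {
        if ($f->isFile()) { $total += $f->getSize(); }
    }
    return $total;
}

function store_user_upload(array $session, array $file, string $baseDir, int $quotaBytes): string
{
    // 1. The owner is the logged-in user; a user_id request field is never read.
    if (empty($session['user_id']) || !ctype_digit((string) $session['user_id'])) {
        throw new RuntimeException('authentication required', 401);
    }
    $userDir = rtrim($baseDir, '/') . '/' . $session['user_id'];

    // 2. Accept only a genuine, error-free PHP upload.
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('invalid upload', 400);
    }

    // 3. Allowlist the extension; the client-supplied name is used for nothing else.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXT, true)) {
        throw new RuntimeException('file type not allowed', 415);
    }

    // 4. Enforce the quota before the file lands in the user's folder.
    if (!is_dir($userDir) && !mkdir($userDir, 0750, true)) {
        throw new RuntimeException('storage error', 500);
    }
    if (dir_size($userDir) + filesize($file['tmp_name']) > $quotaBytes) {
        throw new RuntimeException('quota exceeded', 413);
    }

    // 5. Server-generated file name, so the request cannot steer the location.
    $target = $userDir . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('storage error', 500);
    }
    return $target;
}
```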