โ† Back to Dashboard

CVE-2021-47939

HIGH NVD
CVSS Score
8.8
Severity
HIGH
Source
NVD
Published
May 10, 2026
Description

Evolution CMS 3.1.6 contains a remote code execution vulnerability that allows authenticated users with module creation permissions to execute arbitrary system commands by injecting PHP code into module parameters. Attackers can send POST requests to /manager/index.php with malicious PHP code in the 'post' parameter to create modules that execute arbitrary commands when invoked.

View Full Details โ† Back