Evolution CMS Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability exists in Evolution CMS versions through 3.1.6. An authenticated manager user who holds the module-creation permission can execute arbitrary system commands on the server. Exploitation consists of placing PHP code in the module parameters of a module-creation request sent by POST to the manager index (manager/index.php); the stored code is executed server-side when the module is invoked. Because module code in Evolution CMS is PHP that runs on the server, the module-creation permission is in practice a code-execution permission and should be granted only to fully trusted accounts.

Impact

Successful exploitation gives the attacker arbitrary command execution on the host running Evolution CMS, with the privileges of the web server process that runs PHP.

Reproduction

To reproduce this vulnerability, log in as a user with module-creation permission, create a new module, and place PHP code in the 'post' parameter of the creation request. Once the module is saved, the injected code executes whenever the module is run from the manager.
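The advisory does not reproduce the request itself, and module code in Evolution CMS is PHP by design, so the practical defender-side check is to review what is actually stored in the modules table for command-execution and dynamic-code primitives. The following is an added example written for this page, not code from Evolution CMS or from the advisory: a Python audit of module source text, run over a constructed set of sample records. The record field names (`id`, `name`, `modulecode`) and the sample module bodies are assumptions for illustration; in practice the rules would be applied to an export of the real modules table.

```python
"""Audit stored Evolution CMS module code for command-execution primitives.

Added example for this page; not part of Evolution CMS or the advisory.
Module code is legitimately PHP, so this is a review aid for what trusted
(or compromised) manager accounts have stored, not a scanner for the CMS.
"""
import re

# Constructed sample records. The field names ("id", "name", "modulecode")
# are an assumption for illustration, not the real Evolution CMS schema.
SAMPLE_MODULES = [
    {"id": 1, "name": "Page counter",
     "modulecode": "<?php\n$doc = $modx->getDocument(1);\necho $doc['pagetitle'];"},
    {"id": 2, "name": "Updater",
     "modulecode": "<?php\nsystem($_POST['cmd']);"},
    {"id": 3, "name": "Helper",
     "modulecode": "<?php\n$f = 'sys' . 'tem';\n$f($_GET['c']);"},
    {"id": 4, "name": "Loader",
     "modulecode": "<?php\neval(base64_decode('ZWNobyAxOw=='));"},
]

# Each rule: (name, severity, compiled pattern). Matching is per line so the
# report can point a reviewer at the exact statement.
RULES = [
    ("command_execution", "high",
     re.compile(r"\b(?:system|exec|shell_exec|passthru|popen|proc_open|pcntl_exec)\s*\(", re.I)),
    ("backtick_shell", "high", re.compile(r"`[^`\n]+`")),
    ("dynamic_code", "high",
     re.compile(r"\b(?:eval|assert|create_function)\s*\(", re.I)),
    # $name(...) : a function name assembled at runtime, e.g. 'sys' . 'tem'
    ("variable_function_call", "medium", re.compile(r"\$\w+\s*\(")),
    ("obfuscation", "medium",
     re.compile(r"\b(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I)),
    # Request data flowing into module code is the usual command channel.
    ("request_input", "info", re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE)\b")),
]

SEVERITY_ORDER = {"high": 3, "medium": 2, "info": 1}


def audit_module_code(code):
    """Return a list of (rule, severity, line_no, line_text) for one module."""
    findings = []
    for line_no, line in enumerate(code.splitlines(), start=1):
        for name, severity, pattern in RULES:
            if pattern.search(line):
                findings.append((name, severity, line_no, line.strip()))
    return findings


def audit_modules(records):
    """Audit every record; return {module_id: findings} for modules with hits."""
    report = {}
    for rec in records:
        hits = audit_module_code(rec["modulecode"])
        if hits:
            report[rec["id"]] = hits
    return report


def highest_severity(findings):
    """Worst severity in a finding list, or None when the list is empty."""
    return max((f[1] for f in findings), key=SEVERITY_ORDER.get, default=None)


if __name__ == "__main__":
    names = {m["id"]: m["name"] for m in SAMPLE_MODULES}
    for module_id, hits in audit_modules(SAMPLE_MODULES).items():
        print(f"module {module_id} ({names[module_id]}): {highest_severity(hits)}")
        for rule, severity, line_no, text in hits:
            print(f"  line {line_no} [{severity}] {rule}: {text}")
```

The rules are deliberately broad: a variable function call or a base64 blob is not proof of abuse, but it is exactly what a reviewer should read by hand after a module-creation permission has been held by an untrusted or compromised account. Matching on the stored source catches both the direct `system($_POST[...])` case and the split-string indirection that a naive search for the word `system(` would miss.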

Remediation

Users are advised to update to Evolution CMS version 3.5.6, which addresses this vulnerability. Until the update is applied, restrict the module-creation permission to trusted manager accounts and review the code of existing modules for unexpected changes.

Added: May 10, 2026, 1:34 PM
Updated: May 10, 2026, 1:34 PM

Vulnerability Rating

Custom Algorithm

spread: 3.4
impact: 10.0
exploitability: 6.3
remediation: 0.0
relevance: 7.9
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.