CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Cvelist•added 2026/04/10 6:10 p.m.•19 views

CVE-2026-33618 Chamilo LMS Affected by Remote Code Execution via eval() in Platform Settings

Chamilo LMS is a learning management system. Prior to .0.0-RC.3, the PlatformConfigurationController::decodeSettingArray method uses PHP's eval to parse platform settings from the database. An attacker with admin access obtainable via Advisory 1 can inject arbitrary PHP code into the settings,...

8.8CVSS0.00063EPSS

Exploits0References2

EUVD•added 2026/04/10 6:10 p.m.•1 views

EUVD-2026-21537

8.8CVSS6AI score0.00063EPSS

Exploits0References2

ATTACKERKB•added 2026/04/10 6:10 p.m.•1 views

CVE-2026-33618

8.8CVSS6AI score0.00063EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/04/10 12:0 a.m.•1 views

PT-2026-32013

Name of the Vulnerable Software and Affected Versions Chamilo LMS versions prior to 2.0.0-RC.3 Description Chamilo LMS, a learning management system, has an issue where the PlatformConfigurationController::decodeSettingArray method uses PHP's eval function to process platform settings retrieved...

8.8CVSS6.2AI score0.00063EPSS

Exploits0References6

Positive Technologies•added 2024/05/27 12:0 a.m.•7 views

PT-2024-40256 · Packagist · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A weakness in the .htaccess rules allows PHP scripts in the assets directory to be executed through a specially crafted URL. However, protections are in place to prevent the upload ...

7.1AI score

Exploits0References5

NVD•added 2023/01/30 10:15 p.m.•21 views

CVE-2022-40136

An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory...

4.4CVSS4.4AI score0.00051EPSS

Exploits0References1