CVE-2025-50187 | Chamilo LMS up to 1.11.27 SOAP Request eval injection (GHSA-356v-7xg2-3678)

Inserito da Angelo Barbosa | Mar 2, 2026 | CVE

A vulnerability was found in Chamilo LMS up to 1.11.27. It has been rated as critical. The impacted element is an unknown function of the component SOAP Request Handler. This manipulation causes improper neutralization of directives in dynamically evaluated code.

This vulnerability is registered as CVE-2025-50187. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is advised.

CVE-2025-50187 | Chamilo LMS up to 1.11.27 SOAP Request eval injection (GHSA-356v-7xg2-3678)

Post correlati

CVE-2024-12523 | wssoffice21 States Map US Plugin up to 2.4.2 on WordPress Shortcode states_map cross site scripting

CVE-2024-6283 | DethemeKit for Elementor Plugin up to 2.1.5 on WordPress De Gallery Widget cross site scripting

CVE-2024-34148 | Subversion Partial Release Manager Plugin up to 1.0.1 on Jenkins Privilege Escalation

CVE-2025-12782 | Beaver Builder Plugin up to 2.9.4 on WordPress disable authorization