CVE-2021-47788

High CVSS: 8.7

WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. Attackers can exploit the language installation endpoint by manipulating language installation parameters to achieve remote code execution on the server.

Vendor

Websitebaker

Product

Websitebaker

CWE

CWE-434

Yayın Tarihi

2026-01-16 00:16:22

Güncelleme

2026-01-30 01:02:28

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-434 Websitebaker HIGH Websitebaker 2026

Referanslar

https://websitebaker.org/ https://www.exploit-db.com/exploits/50310 https://www.vulncheck.com/advisories/websitebaker-remote-code-execution-rce-authenticated https://www.exploit-db.com/exploits/50310

Benzer Kayıtlar

Medium

CVE-2023-53953

WebsiteBaker 2.13.3 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malic…

High

CVE-2023-53902

WebsiteBaker 2.13.3 contains a directory traversal vulnerability that allows authenticated attackers to delete arbitrary…

Medium

CVE-2023-53903

WebsiteBaker 2.13.3 contains a stored cross-site scripting vulnerability that allows authenticated users to upload malic…