CVE-2021-47904 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PH…
High CVSS: 8.7

CVE-2021-47904

PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server.
Vendor
-
Product
-
CWE
CWE-434
Yayın Tarihi
2026-01-23 17:16:03
Güncelleme
2026-01-26 15:03:33
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-434 HIGH 2026

Referanslar

https://gist.github.com/joswr1ght/22f40787de19d80d110b37fb79ac3985 https://www.exploit-db.com/exploits/46645 https://www.exploit-db.com/exploits/49524 https://www.phreesoft.com/ https://www.vulncheck.com/advisories/phreebooks-remote-code-execution https://www.exploit-db.com/exploits/49524