Vulnerabilities

CVE-2021-47734 - CMSimple 5.4 Authenticated Local File Inclusion Remote Code Execution

2025-12-23 0 views admin

CVE ID : CVE-2021-47734 Published : Dec. 23, 2025, 8:15 p.m. | 32 minutes ago Description : CMSimple 5.4 contains an authenticated local file inclusion vulnerability that allows remote attackers to manipulate PHP session files and execute arbitrary code. Attackers can leverage the vulnerability by changing the functions file path and uploading malicious PHP code through session file upload mechanisms. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2021-47734

Severity

HIGH

Published

Dec. 23, 2025

Affected Product: PHP

Attack Vector: local

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2021-47734highphp

CVE-2021-47734 - CMSimple 5.4 Authenticated Local File Inclusion Remote Code Execution

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-15077 - itsourcecode Student Management System form137.php sql injection

CVE-2025-15078 - itsourcecode Student Management System list_report.php sql injection

CVE-2025-32095 - Pexip Infinity Signalling Denial of Service

CVE-2025-59683 - Pexip Infinity Improper Access Control Denial of Service

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting