exploitDog

CVE-2021-47788

Опубликовано: 16 янв. 2026

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. Attackers can exploit the language installation endpoint by manipulating language installation parameters to achieve remote code execution on the server.

Ссылки

https://websitebaker.org/
Product
https://www.exploit-db.com/exploits/50310
Exploit
VDB Entry
https://www.vulncheck.com/advisories/websitebaker-remote-code-execution-rce-authenticated
Third Party Advisory
https://www.exploit-db.com/exploits/50310
Exploit
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:websitebaker:websitebaker:2.13.0:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00293

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-p4hv-mffv-fqrv

CVSS3: 8.8

github

23 дня назад

WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. Attackers can exploit the language installation endpoint by manipulating language installation parameters to achieve remote code execution on the server.

EPSS

Процентиль: 52%

0.00293

Низкий

8.8 High

CVSS3

Дефекты

CWE-434