CVE-2021-47788

Sažetak

WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. Attackers can exploit the language installation endpoint by manipulating language installation parameters to achieve remote code execution on the server.

Reference

https://websitebaker.org/
https://www.exploit-db.com/exploits/50310
https://www.vulncheck.com/advisories/websitebaker-remote-code-execution-rce-authenticated
https://www.exploit-db.com/exploits/50310

CVSS

Base:	8.8
Impact:	5.9
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

30-01-2026 - 01:02

Objavljeno

16-01-2026 - 00:16