CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-47819

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0410%
EPSS Percentile30.24th
Published2026年1月15日
Last Modified2026年4月15日

Vulnerability Description

ProjeQtOr Project Management 9.1.4 contains a file upload vulnerability that allows guest users to upload malicious PHP files with arbitrary code execution capabilities. Attackers can upload a PHP script through the profile attachment section and execute system commands by accessing the uploaded file with a specially crafted request parameter.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://www.exploit-db.com/exploits/49919
🔗 https://www.projeqtor.org

相关漏洞威胁

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...

CVE-2021-4422810.0

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration...

CVE-2021-2124310.0

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deser...