โ† Back to Dashboard

CVE-2021-47937

HIGH NVD
CVSS Score
8.8
Severity
HIGH
Source
NVD
Published
May 10, 2026
Description

e107 CMS 2.3.0 contains a remote code execution vulnerability that allows authenticated users with theme installation permissions to execute arbitrary commands by uploading malicious theme files. Attackers can upload a crafted theme package through the theme.php endpoint that deploys a web shell to the e107_themes directory, then execute system commands via the payload.php script.

View Full Details โ† Back