VYPR
Unrated severityNVD Advisory· Published Jul 27, 2011· Updated Jun 16, 2026

CVE-2011-2745

CVE-2011-2745

Description

upload_handler.php in the swfupload extension in Chyrp 2.0 and earlier relies on client-side JavaScript code to restrict the file extensions of uploaded files, which allows remote authenticated users to upload a .php file, and consequently execute arbitrary PHP code, via a write_post action to the default URI under admin/.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Chyrp/Chyrp2 versions
    cpe:2.3:a:chyrp:chyrp:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:chyrp:chyrp:*:*:*:*:*:*:*:*range: <=2.0
    • (no CPE)range: <=2.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.