Critical severity9.9NVD Advisory· Published Feb 12, 2021· Updated Jun 17, 2026
CVE-2021-26753
CVE-2021-26753
Description
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker to obtain access to the operating system where NeDi is installed and to all application data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- n4nj0.github.io/advisories/nedi-multiple-vulnerabilities-i/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.