VYPR
High severity8.1NVD Advisory· Published Feb 3, 2023· Updated Jun 17, 2026

CVE-2021-36532

CVE-2021-36532

Description

Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.