Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Apr 7, 2026
CuteEditor for PHP 6.6 - Directory Traversal
CVE-2021-47751
Description
CuteEditor for PHP (now referred to as Rich Text Editor) 6.6 contains a directory traversal vulnerability in the browse template feature that allows attackers to write files to arbitrary web root directories. Attackers can exploit the ServerMapPath() function by renaming uploaded HTML files using directory traversal sequences to write files outside the intended template directory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 6.6
- Phphtmledit/CuteEditorv5Range: 0
Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/50994mitreexploit
- www.vulncheck.com/advisories/cuteeditor-for-php-directory-traversalmitrethird-party-advisory
- phphtmledit.commitreproduct
News mentions
0No linked articles in our index yet.