Unrated severityOSV Advisory· Published Jan 15, 2026· Updated Apr 7, 2026
Phpwcms 1.9.30 - Arbitrary File Upload
CVE-2021-47783
Description
Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG payloads through the multiple file upload feature to potentially execute cross-site scripting attacks on the platform.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.exploit-db.com/exploits/50363mitreexploit
- www.vulncheck.com/advisories/phpwcms-arbitrary-file-uploadmitrethird-party-advisory
- www.phpwcms.orgmitreproduct
News mentions
0No linked articles in our index yet.