VYPR
Unrated severityOSV Advisory· Published Jan 15, 2026· Updated Apr 7, 2026

Phpwcms 1.9.30 - Arbitrary File Upload

CVE-2021-47783

Description

Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG payloads through the multiple file upload feature to potentially execute cross-site scripting attacks on the platform.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.