High severity8.8NVD Advisory· Published Jan 23, 2026· Updated Apr 15, 2026
CVE-2021-47904
CVE-2021-47904
Description
PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 5.2.3
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.