
Description

CuteEditor for PHP (now referred to as Rich Text Editor) 6.6 contains a directory traversal vulnerability in the browse template feature that allows attackers to write files to arbitrary web root directories. Attackers can exploit the ServerMapPath() function by renaming uploaded HTML files using directory traversal sequences to write files outside the intended template directory.

PUBLISHED | Reserved 2026-01-10 | Published 2026-01-13 | Updated 2026-02-02 | Assigner VulnCheck

MEDIUM: 5.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N)
HIGH: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

Problem types

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Any version: affected

Credits

Stefan Hesselman (finder)

References

www.exploit-db.com/exploits/50994 (ExploitDB-50994) exploit

phphtmledit.com/ (Vendor Homepage) product

www.vulncheck.com/.../cuteeditor-for-php-directory-traversal (VulnCheck Advisory: CuteEditor for PHP 6.6 - Directory Traversal) third-party-advisory

cve.org (CVE-2021-47751)

nvd.nist.gov (CVE-2021-47751)
