CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/16 3:26 p.m.•9 views

CVE-2021-47976

Vulnrichment•added 2026/05/16 3:26 p.m.•7 views

CVE-2021-47976 TextPattern CMS 4.9.0-dev Authenticated Remote Code Execution via Plugin Upload

Cvelist•added 2026/05/16 3:26 p.m.•37 views

CVE-2021-47976 TextPattern CMS 4.9.0-dev Authenticated Remote Code Execution via Plugin Upload

8.8CVSS0.00315EPSS

CVE•added 2026/05/16 3:26 p.m.•11 views

CVE-2021-47976

CVE-2021-47976 affects TextPattern CMS 4.9.0-dev. An authenticated attacker can exploit the plugin upload functionality to upload arbitrary PHP files, obtain a CSRF token from the plugin event page, and place PHP payloads in the textpattern/tmp/ directory for code execution. The CVE is documented...

EUVD•added 2026/05/16 3:26 p.m.•10 views

EUVD-2021-34835

Positive Technologies•added 2026/05/16 12:0 a.m.•13 views

PT-2026-41462

Name of the Vulnerable Software and Affected Versions TextPattern CMS version 4.9.0-dev Description Authenticated attackers can achieve remote code execution by exploiting the plugin upload functionality. The process involves authenticating, retrieving a CSRF token from the plugin event page, and...

CNNVD•added 2026/05/16 12:0 a.m.•9 views

Exploits0References6

Textpattern CMS 跨站请求伪造漏洞

TextPattern CMS is a content management system based on PHP developed by the TextPattern team. Version 4.9.0-dev of TextPattern CMS has a cross-site request forgeing vulnerability. This vulnerability stems from a remote code execution flaw, allowing authenticated attackers to use the plugin uploa...

RedhatCVE•added 2026/05/11 8:25 p.m.•4 views

CVE-2021-47943

TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell via the Files section in the content area and execute...

EUVD•added 2026/05/10 3:31 p.m.•6 views

EUVD-2021-34803

NVD•added 2026/05/10 1:16 p.m.•7 views

CVE-2021-47943

8.8CVSS0.00617EPSS

ATTACKERKB•added 2026/05/10 12:43 p.m.•5 views

CVE-2021-47943

Exploits0References2Affected Software1

CVE•added 2026/05/10 12:43 p.m.•6 views

CVE-2021-47943

TextPattern CMS 4.8.7 is affected by a remote code execution (RCE) vulnerability exploitable via file upload. The flaw allows authenticated attackers to upload PHP files (a PHP shell) through the Files section in the content area and trigger code execution by accessing the uploaded file at /textp...

Cvelist•added 2026/05/10 12:43 p.m.•29 views

CVE-2021-47943 TextPattern CMS 4.8.7 Remote Code Execution via File Upload

8.8CVSS0.00617EPSS

Vulnrichment•added 2026/05/10 12:43 p.m.•6 views

CVE-2021-47943 TextPattern CMS 4.8.7 Remote Code Execution via File Upload

CNNVD•added 2026/05/10 12:0 a.m.•8 views

Textpattern CMS 代码问题漏洞

TextPattern CMS is a content management system based on PHP developed by the TextPattern team. Version 4.8.7 of TextPattern CMS has a code vulnerability that stems from a remote code execution flaw in the file upload function. This vulnerability could allow authenticated attackers to execute...

Positive Technologies•added 2026/05/10 12:0 a.m.•7 views

PT-2026-39517

RedhatCVE•added 2026/04/22 7:22 p.m.•1 views

CVE-2026-30452

Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in...

6.5CVSS5.8AI score0.00247EPSS

EUVD•added 2026/04/21 6:31 p.m.•5 views

EUVD-2026-24160

5.8AI score0.00247EPSS