CVE-2021-47753

CRITICAL

phpKF CMS 3.00 Beta y6 - Unauthenticated Arbitrary File Upload via File Extension Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47753. PoCs published by Halit AKAYDIN.

AI-analyzed exploit summary: This exploit demonstrates an unauthenticated remote code execution (RCE) vulnerability in phpKF CMS 3.00 Beta y6 by exploiting a file upload mechanism that only checks file extensions. It uploads a malicious PHP file disguised as a PNG, renames it to execute arbitrary commands, and provides an interactive shell.

Description

phpKF CMS 3.00 Beta y6 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary code by bypassing file extension checks. Attackers can upload a PHP file disguised as a PNG, rename it, and execute system commands through a crafted web shell parameter.

Exploits (1)

exploitdb WORKING POC
by Halit AKAYDIN · python · webapps · php
https://www.exploit-db.com/exploits/50610

Classification
Working PoC: 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: phpKF CMS 3.00 Beta y6
No auth needed
Prerequisites: Target must be running phpKF CMS 3.00 Beta y6 · Network access to the target web application
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/50610
Product product
https://www.phpkf.com/

Scores

CVSS v3 9.8
EPSS 0.0067
EPSS Percentile 47.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-434
Status published
Products (2)
phpkf/cms 3.00 beta_y6
Phpkf/phpKF CMS 3.00
Published Jan 15, 2026
Tracked Since Feb 18, 2026