216.73.217.86

CVE-2021-47749

· Published 13/01/2026 23:15 · Modified 14/01/2026 20:15

Labels: CVE-2021-47749 2026-01-13CVE-2021-47749CWE-22[email protected]

Essential information

Published
13/01/2026 23:15
Modified
14/01/2026 20:15
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

YouPHPTube <= 7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the 'lang' parameter in GET requests. Attackers can exploit the path traversal flaw in locale/function.php to include and view PHP files outside the intended directory by using directory traversal sequences.

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
youphptube / youphptube cpe:2.3:a:youphptube:youphptube:<7.8:*:*:*:*:*:*

References