CVE-2021-20721

Summary

KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.

Affected Software

VendorProductVersion RangeStatus
kujirahandKonaWiki2versions prior to 2.2.4affected

Weaknesses

  • Unrestricted upload of file with dangerous type

ADP Enrichment

CVE Program Container

Additional References

References