CVE-2021-47788
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-16

Last updated on: 2026-01-16

Assigner: VulnCheck

Description
WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. Attackers can exploit the language installation endpoint by manipulating language installation parameters to achieve remote code execution on the server.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-16
Last Modified
2026-01-16
Generated
2026-06-16
AI Q&A
2026-01-16
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47788
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
websitebaker websitebaker 2.13.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2021-47788 is an authenticated remote code execution vulnerability in WebsiteBaker version 2.13.0. It allows users who have language editing permissions to execute arbitrary code on the server by exploiting the language installation endpoint. Attackers manipulate language installation parameters to upload and execute malicious code, such as a web shell, on the server. This vulnerability arises from unrestricted upload of dangerous file types during language installation. [1, 2]

Impact Analysis

This vulnerability can have severe impacts including unauthorized remote code execution on the server hosting WebsiteBaker. An attacker with language editing permissions can upload malicious files and execute arbitrary system commands, potentially leading to full server compromise, data theft, service disruption, or further attacks within the network. Since it requires authenticated access, it acts as a privilege escalation vector within the system. [1, 2]

Detection Guidance

Detection involves verifying if WebsiteBaker version 2.13.0 is in use and if users have language editing permissions. One can check for suspicious POST requests to the language installation endpoint (/admin/languages/install.php) that upload files, especially PHP files disguised as language files. Additionally, monitoring for access to uploaded language files (e.g., /languages/TR.php) with command parameters (cmd) can indicate exploitation. Since the exploit involves authenticated access, reviewing logs for unusual login activity followed by language installation requests is useful. There is no specific command provided, but network monitoring tools can be used to filter HTTP POST requests to the language install endpoint and check for multipart/form-data uploads. Also, checking the presence of unexpected PHP files in the /languages/ directory on the server can help detect compromise. [2]

Mitigation Strategies

Immediate mitigation steps include restricting language editing permissions to trusted users only, as the vulnerability requires such privileges. Disable or restrict access to the language installation endpoint (/admin/languages/install.php) if not needed. Apply access controls and monitor for suspicious activity related to language file uploads. If possible, update WebsiteBaker to a version where this vulnerability is fixed or apply any available patches. Additionally, review and remove any unauthorized language files (e.g., TR.php) that may have been uploaded. Implement network-level protections such as web application firewalls to block malicious requests targeting the language installation functionality. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47788. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart