How severe is CVE-2021-47749?

CVE-2021-47749 has a CVSS v3 score of 6.2 (MEDIUM).

CVE-2021-47749

Q: What is CVE-2021-47749?

YouPHPTube <= 7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the 'lang' parameter in GET requests. Attackers can exploit the path traversal flaw in locale/function.php to include and view PHP files outside the intended directory by using directory traversal sequences.

6.2MEDIUM

YouPHPTube <= 7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the 'lang' parameter in GET requests. Attackers can expl

게시됨: 1/13/2026업데이트됨: 1/14/2026

NVD에서 보기 MITRE에서 보기

설명

YouPHPTube <= 7.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the 'lang' parameter in GET requests. Attackers can exploit the path traversal flaw in locale/function.php to include and view PHP files outside the intended directory by using directory traversal sequences.

AI 분석AI 기반

참조

https://web.archive.org/web/20170506141644/https://www.youphptube.com/
https://www.exploit-db.com/exploits/51101
https://www.vulncheck.com/advisories/youphptube-directory-traversal
https://www.exploit-db.com/exploits/51101