How to fix CVE-2021-47904?

Within 24 hours: Audit all PhreeBooks 5.2.3 instances in your environment and restrict network access to the Image Manager feature or disable it entirely if not in active use. Within 7 days: Implement strict file upload validation controls (whitelist only image MIME types, disable PHP execution in upload directories, enforce file extension restrictions) and deploy WAF rules to block suspicious upload patterns. Within 30 days: Plan and execute an emergency upgrade to a patched PhreeBooks version or migrate to an alternative accounting platform if no patch timeline is provided by the vendor.

Is PHP affected by CVE-2021-47904?

PhreeBooks 5.2.3 deployments face a critical remote code execution risk through authenticated file uploads, allowing attackers to execute arbitrary commands on affected servers.

CVE-2021-47904

HIGH

2026-01-23 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Jan 26, 2026 - 15:03 vuln.today

Public exploit code

CVE Published

Jan 23, 2026 - 17:16 nvd

HIGH 8.8

Description

PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server.

Analysis

Technical Context

Classified as CWE-434 (Unrestricted Upload of File with Dangerous Type). Affects Image Manager. PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server.

Affected Products

Product: Image Manager.

Remediation

Monitor vendor advisories for a patch. Validate file types by content. Store uploads outside web root. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.4

CVSS: +44

POC: +20

CVE-2021-47904 vulnerability details – vuln.today

Back

CVE-2021-47904

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2021-47904

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code