Wiz
Vulnerability DatabaseCVE-2021-36440

CVE-2021-36440
PHP vulnerability analysis and mitigation

Overview

A file upload vulnerability was discovered in ShowDoc v2.9.5 that allows remote download of compressed files, where files in the compressed package can be released to the web directory when decompressed. The vulnerability was identified in June 2021 and assigned CVE-2021-36440. The affected component is the AdminUpdateController.class.php file in the server/Application/Api/Controller/ directory (GitHub Issue).

Technical details

The vulnerability exists in the download function of AdminUpdateController.class.php. The function accepts a fileurl parameter that allows remote download of compressed files without proper validation. When the compressed file is decompressed, its contents are extracted to the web directory. The vulnerability can be exploited by sending a POST request to /server/index.php?s=/api/adminUpdate/download with parameters newversion and file_url pointing to a malicious zip file (GitHub Issue).

Impact

The vulnerability allows attackers to upload malicious files to the web directory through a compressed file, potentially leading to remote code execution or unauthorized access to the system (GitHub Issue).

Mitigation and workarounds

The vulnerability was discovered in ShowDoc v2.9.5. Users should upgrade to a patched version if available. No specific workarounds were provided in the available sources (GitHub Issue).

Additional resources

SourceThis report was generated using AI

Related PHP vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-13828CRITICAL9
  • PHPPHP
  • mautic/core
NoYesDec 02, 2025
CVE-2025-13827HIGH8.8
  • PHPPHP
  • mautic/grapes-js-builder-bundle
NoYesDec 02, 2025
CVE-2025-66468HIGH7.6
  • PHPPHP
  • aimeos/ai-cms-grapesjs
NoYesDec 02, 2025
CVE-2025-65657MEDIUM6.5
  • PHPPHP
  • feehi/cms
NoNoDec 02, 2025
CVE-2025-65186MEDIUM6.1
  • PHPPHP
  • getgrav/grav
NoNoDec 02, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo