{"id":"CVE-2021-37367","details":"CTparental before 4.45.07 is affected by a code execution vulnerability in the CTparental admin panel. Because The file \"bl_categories_help.php\" is vulnerable to directory traversal, an attacker can create a file that contains scripts and run arbitrary commands.","modified":"2026-04-12T00:40:19.042045Z","published":"2021-08-10T17:15:10.773Z","references":[{"type":"ADVISORY","url":"https://gist.github.com/securylight/092ba96a660e07ad76f2a380c2eaa75a"},{"type":"ADVISORY","url":"https://gitlab.com/marsat/CTparental/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.com/ctparentalgroup/CTparental","events":[{"introduced":"0"},{"fixed":"717f1dec4acd1a355d4942273876c56fe3ea375f"}],"database_specific":{"cpe":"cpe:2.3:a:ctparental_project:ctparental:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"fixed":"4.45.07"}]}}],"versions":["4.25.05m","4.30.08m","4.40.04m","4.40.05m","4.41.01m","4.41.02m","4.42.01m","4.43.01m","4.44.01m","4.44.02m","4.44.03m","4.44.05m","4.44.08m","4.44.09m","4.44.11-manjaro-test","4.44.12m","4.44.13m","4.44.15m","4.44.16m","4.44.17m","4.44.18m","4.45.02m","4.45.03m","4.45.04m","4.45.05m"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-37367.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}