CVE-2021-36424

An issue discovered in phpwcms 1.9.25 allows remote attackers to run arbitrary code via DB user field during installation.

We have discovered 754 live websites that are affected by CVE-2021-36424.

Run a Free Instant Scan



Affected Software

Product  phpwcms
Category Content Management System
Vulnerable Domains754 live websites (72% of phpwcms install base)
Vulnerable Versions
  • from 0 through 1.9.25
Vulnerable Versions Count56 versions ( 73% of all versions)



Details

  • Published - Feb 3, 2023
  • Updated - Mar 26, 2025

Website Distribution by Country

Number of websites using CVE-2021-36424
United States14 websites


Germany409 websites
Brazil145 websites
Austria36 websites
Netherlands36 websites
Italy19 websites
Switzerland15 websites
Poland15 websites
Denmark13 websites
Lithuania10 websites

Website Distribution by TLD

Number of websites using CVE-2021-36424
.de293 websites
.com.br145 websites
.com79 websites
.at48 websites
.nl24 websites
.it18 websites
.org17 websites
.ch14 websites
.net13 websites
.eu12 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2021-36424

Top websites that are affected by CVE-2021-36424. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
*******.at Austria***,***
******************.de Germany***,***
********.ms Germany***,***
****.*******.org Germany***,***
******************.com Germany*,***,***
*************.de Germany*,***,***
***.ch Switzerland*,***,***
********.***.my Malaysia*,***,***
*************.de Germany*,***,***
***********.de Germany*,***,***
See full domain list

FAQ

A total of 754 websites have been identified as vulnerable to CVE-2021-36424, based on global website indexing conducted by WebTechSurvey.
The phpwcms is affected by the CVE-2021-36424 vulnerability.
phpwcms versions up to and including 1.9.25 are vulnerable to CVE-2021-36424.