411 matches found
Maian Cart <=3.8 - Remote Code Execution
Maian Cart 3.0 to 3.8 via the elFinder file manager plugin contains a remote code execution vulnerability. id: CVE-2021-32172 info: name: Maian Cart =3.8 to mitigate this vulnerability. reference: - https://dreyand.github.io/maian-cart-rce/ - https://github.com/DreyAnd/maian-cart-rce -...
elFinder < 2.1.58 - Remote Code Execution
studio-42/elfinder before 2.1.58 contains a remote code execution caused by execution of PHP code in a .phar file, letting attackers execute arbitrary PHP code if the server parses .phar files as PHP, exploit requires server to parse .phar files as PHP. id: CVE-2021-23394 info: name: elFinder...
elFinder <=2.1.60 - Local File Inclusion
elFinder through 2.1.60 is affected by local file inclusion via connector.minimal.php. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths. id: CVE-2022-26960 info: name: elFind...
elFinder <= 2.1.47 - Command Injection
elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. The vulnerability occurs when performing image operations on JPEG files, where the filename is passed to the exiftran utility without proper sanitization, allowing command injection. id: CVE-2019-9194 info: name:...
Studio-42 elFinder <2.1.60 - Arbitrary File Upload
Studio-42 elFinder 2.0.4 to 2.1.59 is vulnerable to unauthenticated file upload via connector.minimal.php which could allow a remote user to upload arbitrary files and execute PHP code. id: CVE-2021-43421 info: name: Studio-42 elFinder 2.1.60 - Arbitrary File Upload author: akincibor severity:...
elFinder 2.1.58 - Remote Code Execution
elFinder 2.1.58 is impacted by multiple remote code execution vulnerabilities that could allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. id: CVE-2021-32682 info: name: elFinder 2.1.58 - Remote Code Executi...
CVE-2026-44521
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...
CVE-2026-44521
elFinder contains an authenticated SQL injection in the MySQL volume driver (elFinderVolumeMySQL). A logged-in user, including those with read-only access, can inject SQL via a crafted target file hash, potentially leading to unauthorized data disclosure and denial of service. Affected installati...
CVE-2026-44521 elFinder: SQL Injection MySQL Volume Driver (elFinderVolumeMySQL)
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...
EUVD-2026-32607
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...
CVE-2026-44521 elFinder: SQL Injection MySQL Volume Driver (elFinderVolumeMySQL)
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...
CVE-2026-44521
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...
elFinder SQL注入漏洞
ElFinder is an open-source web file manager developed by Studio 42. Versions of ElFinder prior to 2.1.68 contained a SQL injection vulnerability. This vulnerability stemmed from an SQL injection flaw in the MySQL volume driver, allowing any logged-in user to inject SQL statements through a...
CVE-2026-44260
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...
CVE-2026-44258
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the elfindercheckRisk function validates target and targets for path traversal and home containment, but does not validate the dst destination parameter used by elfinderpaste. An attacker can copy or move files from within the home...
CVE-2026-44260
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...
CVE-2026-44260 efw4.X: readonly Flag Not Enforced Server-Side
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...
CVE-2026-44260
The CVE concerns efw4.X (Enterprise Framework for Web). Before 4.08.010, the readonly flag on the efw:elFinder JSP tag is meant to prevent modifications, but server-side checks are missing: even when protected=true and the client sends readonly=true, there is no event handler enforcing the readon...
EUVD-2026-29845
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...
CVE-2026-44260 efw4.X: readonly Flag Not Enforced Server-Side
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...