Lucene search
K

5 matches found

Nuclei
Nuclei
added 19 hours ago179 views

Studio-42 elFinder <2.1.60 - Arbitrary File Upload

Studio-42 elFinder 2.0.4 to 2.1.59 is vulnerable to unauthenticated file upload via connector.minimal.php which could allow a remote user to upload arbitrary files and execute PHP code. id: CVE-2021-43421 info: name: Studio-42 elFinder 2.1.60 - Arbitrary File Upload author: akincibor severity:...

9.8CVSS7.4AI score0.42781EPSS
Exploits1References4
Nuclei
Nuclei
added 19 hours ago378 views

elFinder 2.1.58 - Remote Code Execution

elFinder 2.1.58 is impacted by multiple remote code execution vulnerabilities that could allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. id: CVE-2021-32682 info: name: elFinder 2.1.58 - Remote Code Executi...

9.8CVSS8AI score0.69934EPSS
Exploits5References5
Nuclei
Nuclei
added 19 hours ago35 views

elFinder <=2.1.60 - Local File Inclusion

elFinder through 2.1.60 is affected by local file inclusion via connector.minimal.php. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths. id: CVE-2022-26960 info: name: elFind...

9.1CVSS7.2AI score0.50993EPSS
Exploits1References5
NVD
NVD
added 2022/03/21 5:15 p.m.31 views

CVE-2022-26960

connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths...

9.1CVSS0.50993EPSS
Exploits1References3
CVE
CVE
added 2022/03/21 4:52 p.m.124 views

CVE-2022-26960

CVE-2022-26960 affects elFinder

9.1CVSS9.1AI score0.50993EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder