elFinder 安全漏洞

elFinder is an open source web file manager from Studio 42 Open Source. A security vulnerability exists in elFinder version 2.1.62, which stems from the inclusion of a filename restriction bypass vulnerability that can lead to a persistent cross-site scripting vulnerability...

Exploit for Path Traversal in Std42 Elfinder

CVE-2023-35840 elFinder 2.1.62 - Path Traversal vulnerabilit...

GHSA-WM5G-P99Q-66G4 elFinder vulnerable to path traversal in LocalVolumeDriver connector

Impact Path Traversal vulnerability in PHP LocalVolumeDriver connector. This vulnerability can be exploited by allowing untrusted users to write to the local file system. This issue was caused by incomplete validity checking of the supplied request parameters. That problem has been fixed in...

PT-2023-25338 · Elfinder · Elfinder

Name of the Vulnerable Software and Affected Versions: elFinder versions prior to 2.1.62 Description: The issue allows path traversal in the PHP LocalVolumeDriver connector due to incomplete validity checking of supplied request parameters. This can be exploited by allowing untrusted users to wri...