4 matches found
CVE-2026-44521
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...
CVE-2026-44521
elFinder contains an authenticated SQL injection in the MySQL volume driver (elFinderVolumeMySQL). A logged-in user, including those with read-only access, can inject SQL via a crafted target file hash, potentially leading to unauthorized data disclosure and denial of service. Affected installati...
EUVD-2026-32607
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...
CVE-2026-44521
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...