Vulnerabilities

CVE-2022-26960

by Fred · 21/03/2022

connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.

Date published : 2022-03-21

https://github.com/Studio-42/elFinder/commit/3b758495538a448ac8830ee3559e7fb2c260c6db

https://www.synacktiv.com/publications.html

Similar

Tags: Cybersecurity Alert