Описание
elFinder Unrestricted File Upload vulnerability
A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.
Пакеты
Наименование
studio-42/elfinder
composer
Затронутые версииВерсия исправления
>= 2.0.4, < 2.1.60
2.1.60
Связанные уязвимости
CVSS3: 9.8
nvd
почти 4 года назад
A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.