A vulnerability was found in studio-42 elfinder up to 2.1.57 and classified as problematic. This issue affects an unknown functionality of the component phar File Handler. Upgrading to version 2.1.58 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
studio-42 elfinder up to 2.1.57 phar File Remote Code Execution
- Virtual Patching
- June 13, 2021
- 2:05 pm
Contact us to get started
CVE-2022-23122 : NETATALK PRIOR 3.1.13 SETFILPARAMS STACK-BASED OVERFLOW
Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to
CVE-2023-28102 : DISCORDRB ENCODER.RB FILE OS COMMAND INJECTION
Description discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely
CVE-2022-4126 : ABB RCCMD PRIOR 4.40 230207 HARD-CODED PASSWORD
Description Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and