Skip to main content

Elfinder

13 CVEs product

Monthly

CVE-2026-41247 PHP HIGH PATCH GHSA This Week

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.67, elFinder contains a command injection vulnerability in the resize command. The bg (background color) parameter is accepted from user input and passed through image resize/rotate processing. In configurations that use the ImageMagick CLI backend, this value is incorporated into shell command strings without sufficient escaping. An attacker able to invoke the resize command with a crafted bg value may achieve arbitrary command execution as the web server process user. This vulnerability is fixed in 2.1.67.

Command Injection Elfinder
NVD GitHub VulDB
CVSS 4.0
8.9
EPSS
0.4%
CVE-2024-38909 PHP CRITICAL Act Now

Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Elfinder
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-35840 PHP MEDIUM POC PATCH This Month

_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal PHP Elfinder
NVD GitHub
CVSS 3.1
6.5
EPSS
1.9%
CVE-2022-27115 PHP CRITICAL POC PATCH THREAT Act Now

In Studio-42 elFinder 2.1.60, there is a vulnerability that causes remote code execution through file name bypass for file upload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Elfinder
NVD GitHub
CVSS 3.1
9.8
EPSS
28.6%
CVE-2022-26960 PHP CRITICAL POC PATCH THREAT Act Now

connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP Path Traversal Elfinder
NVD GitHub
CVSS 3.1
9.1
EPSS
51.0%
CVE-2021-32682 PHP CRITICAL POC PATCH THREAT Act Now

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP RCE Path Traversal Elfinder
NVD GitHub
CVSS 3.1
9.8
EPSS
69.9%
CVE-2021-23394 PHP CRITICAL POC PATCH THREAT Act Now

The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE PHP File Upload Elfinder
NVD GitHub
CVSS 3.1
9.8
EPSS
19.1%
CVE-2019-9194 PHP CRITICAL POC PATCH THREAT Act Now

elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP Command Injection Elfinder
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
96.6%
CVE-2019-6257 PHP HIGH PATCH This Week

A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

PHP SSRF Elfinder
NVD GitHub
CVSS 3.1
7.7
EPSS
1.1%
CVE-2019-5884 PHP MEDIUM PATCH This Month

php/elFinder.class.php in elFinder before 2.1.45 leaks information if PHP's curl extension is enabled and safe_mode or open_basedir is not set. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

PHP Information Disclosure Elfinder
NVD GitHub
CVSS 3.1
5.9
EPSS
1.3%
CVE-2018-9110 PHP CRITICAL PATCH Act Now

Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Elfinder
NVD GitHub
CVSS 3.1
9.1
EPSS
2.9%
CVE-2018-9109 PHP CRITICAL PATCH Act Now

Studio 42 elFinder before 2.1.36 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Elfinder
NVD GitHub
CVSS 3.1
9.1
EPSS
3.0%
CVE-2013-1972 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the elFinder file manager module 6.x-0.x before 6.x-0.8 and 7.x-0.x before 7.x-0.8 for Drupal allows remote attackers to hijack the authentication. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

CSRF XSS Elfinder
NVD
CVSS 2.0
4.3
EPSS
0.4%
EPSS 0% CVSS 8.9
HIGH PATCH This Week

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.67, elFinder contains a command injection vulnerability in the resize command. The bg (background color) parameter is accepted from user input and passed through image resize/rotate processing. In configurations that use the ImageMagick CLI backend, this value is incorporated into shell command strings without sufficient escaping. An attacker able to invoke the resize command with a crafted bg value may achieve arbitrary command execution as the web server process user. This vulnerability is fixed in 2.1.67.

Command Injection Elfinder
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Elfinder
NVD GitHub VulDB
EPSS 2% CVSS 6.5
MEDIUM POC PATCH This Month

_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal PHP Elfinder
NVD GitHub
EPSS 29% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

In Studio-42 elFinder 2.1.60, there is a vulnerability that causes remote code execution through file name bypass for file upload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Elfinder
NVD GitHub
EPSS 51% CVSS 9.1
CRITICAL POC PATCH THREAT Act Now

connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP Path Traversal Elfinder
NVD GitHub
EPSS 70% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP RCE Path Traversal +1
NVD GitHub
EPSS 19% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE PHP File Upload +1
NVD GitHub
EPSS 97% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP Command Injection Elfinder
NVD GitHub Exploit-DB
EPSS 1% CVSS 7.7
HIGH PATCH This Week

A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

PHP SSRF Elfinder
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

php/elFinder.class.php in elFinder before 2.1.45 leaks information if PHP's curl extension is enabled and safe_mode or open_basedir is not set. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

PHP Information Disclosure Elfinder
NVD GitHub
EPSS 3% CVSS 9.1
CRITICAL PATCH Act Now

Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Elfinder
NVD GitHub
EPSS 3% CVSS 9.1
CRITICAL PATCH Act Now

Studio 42 elFinder before 2.1.36 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Elfinder
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the elFinder file manager module 6.x-0.x before 6.x-0.8 and 7.x-0.x before 7.x-0.8 for Drupal allows remote attackers to hijack the authentication. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

CSRF XSS Elfinder
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy