Lucene search
GoogleOSV:GHSA-7Q88-JXVP-9GP2HistoryMar 22, 2022 - 12:00 a.m.
Path Traversal in Studio-42 elFinder through 2.1.60
2022-03-2200:00:41
Google
osv.dev
7
path traversal
studio-42 elfinder
remote attackers
absolute file paths
EPSS
0.86
Percentile
98.6%
connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
Related
openvas
openvas
elFinder < 2.1.61 Multiple Vulnerabilities - Version Check
2022-03-25 00:00:00
elFinder < 2.1.61 Directory Traversal Vulnerability - Active Check
2022-07-05 00:00:00
veracode
veracode
Path Traversal
2022-03-22 04:09:52
nvd
nvd
CVE-2022-26960
2022-03-21 17:15:07
cvelist
cvelist
CVE-2022-26960
2022-03-21 16:52:38
checkpoint_advisories
checkpoint_advisories
Studio42 elFinder Directory Traversal (CVE-2022-26960)
2022-11-21 00:00:00
nuclei
nuclei
elFinder <=2.1.60 - Local File Inclusion
2022-06-30 23:31:46
prion
prion
Path traversal
2022-03-21 17:15:00
cve
cve
CVE-2022-26960
2022-03-21 17:15:07
osv
osv
CVE-2022-26960
2022-03-21 17:15:07
github
github
Path Traversal in Studio-42 elFinder through 2.1.60
2022-03-22 00:00:41