A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.
References
Link | Resource |
---|---|
https://github.com/Studio-42/elFinder/issues/3429 | Exploit Issue Tracking Third Party Advisory |
https://twitter.com/infosec_90/status/1455180286354919425 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-04-07T16:18:14
Updated: 2022-04-07T16:18:14
Reserved: 2021-11-08T00:00:00
Link: CVE-2021-43421
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-07T17:15:08.720
Modified: 2022-04-13T20:30:14.030
Link: CVE-2021-43421
JSON object: View
Redhat Information
No data.
CWE