cve/2019/CVE-2019-9194.md

CVE-2019-9194

Description

elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.

POC

Reference

• https://www.exploit-db.com/exploits/46481/
• https://www.exploit-db.com/exploits/46539/

Github

• https://github.com/0xT11/CVE-POC
• https://github.com/ARPSyndicate/cvemon
• https://github.com/Mr-Tree-S/POC_EXP
• https://github.com/cved-sources/cve-2019-9194
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/hadrian3689/elFinder_2.1.47_php_connector_rce
• https://github.com/hectorgie/PoC-in-GitHub
• https://github.com/spart9k/INT-18