mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
826 B
826 B
CVE-2021-23394
&color=brighgreen)
Description
The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.
POC
Reference
- https://github.com/Studio-42/elFinder
- https://github.com/Studio-42/elFinder/issues/3295
- https://snyk.io/vuln/SNYK-PHP-STUDIO42ELFINDER-1290554
Github
No PoCs found on GitHub currently.