| CVE-2026-41247 |
critical |
9.8 |
9.8 |
|
|
|
1mo ago |
elFinder: Command injection in resize background color parameter when using ImageMagick CLI |
| CVE-2026-44521 |
high |
8.8 |
8.8 |
|
|
|
24d ago |
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver (elFinderVolu… |
| CVE-2019-9194 |
unknown |
— |
1.0 |
|
|
|
4y ago |
elFinder command injection vulnerability in the PHP connector |
| CVE-2021-32682 |
unknown |
— |
1.0 |
|
|
|
5y ago |
elFinder before 2.1.59 contains multiple vulnerabilities leading to RCE |
| CVE-2024-38909 |
unknown |
— |
— |
|
|
|
2y ago |
Studio 42 elFinder vulnerable to Incorrect Access Control |
| CVE-2023-35840 |
unknown |
— |
— |
|
|
|
3y ago |
elFinder vulnerable to path traversal in LocalVolumeDriver connector |
| CVE-2018-9110 |
unknown |
— |
— |
|
|
|
4y ago |
Directory Traversal in Studio 42 elFinder |
| CVE-2018-9109 |
unknown |
— |
— |
|
|
|
4y ago |
elFinder Path Traversal vulnerability |
| CVE-2019-5884 |
unknown |
— |
— |
|
|
|
4y ago |
Sensitive Data Exposure in elFinder |
| CVE-2019-6257 |
unknown |
— |
— |
|
|
|
4y ago |
elFinder Server Side Request Forgery (SSRF) |
| CVE-2022-27115 |
unknown |
— |
— |
|
|
|
4y ago |
RCE in Studio-42 elFinder on Windows before 2.1.61 |
| CVE-2021-43421 |
unknown |
— |
— |
|
|
|
4y ago |
elFinder Unrestricted File Upload vulnerability |
| CVE-2022-26960 |
unknown |
— |
— |
|
|
|
4y ago |
Path Traversal in Studio-42 elFinder through 2.1.60 |
| CVE-2021-45919 |
unknown |
— |
— |
|
|
|
4y ago |
Studio 42 elFinder allows stored XSS |
| CVE-2021-23394 |
unknown |
— |
— |
|
|
|
5y ago |
elFinder unsafe upload filtering leading to remote code execution |
