Vulnerability Details CVE-2022-26960
connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.875
EPSS Ranking 99.4%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 5.8
Products affected by CVE-2022-26960
- cpe:2.3:a:std42:elfinder:1.0.1
- cpe:2.3:a:std42:elfinder:1.1
- cpe:2.3:a:std42:elfinder:1.2
- cpe:2.3:a:std42:elfinder:2.0
- cpe:2.3:a:std42:elfinder:2.0.3
- cpe:2.3:a:std42:elfinder:2.0.4
- cpe:2.3:a:std42:elfinder:2.0.5
- cpe:2.3:a:std42:elfinder:2.0.6
- cpe:2.3:a:std42:elfinder:2.0.7
- cpe:2.3:a:std42:elfinder:2.0.8
- cpe:2.3:a:std42:elfinder:2.0.9
- cpe:2.3:a:std42:elfinder:2.1.0
- cpe:2.3:a:std42:elfinder:2.1.1
- cpe:2.3:a:std42:elfinder:2.1.10
- cpe:2.3:a:std42:elfinder:2.1.11
- cpe:2.3:a:std42:elfinder:2.1.12
- cpe:2.3:a:std42:elfinder:2.1.13
- cpe:2.3:a:std42:elfinder:2.1.14
- cpe:2.3:a:std42:elfinder:2.1.15
- cpe:2.3:a:std42:elfinder:2.1.16
- cpe:2.3:a:std42:elfinder:2.1.17
- cpe:2.3:a:std42:elfinder:2.1.18
- cpe:2.3:a:std42:elfinder:2.1.19
- cpe:2.3:a:std42:elfinder:2.1.2
- cpe:2.3:a:std42:elfinder:2.1.20
- cpe:2.3:a:std42:elfinder:2.1.21
- cpe:2.3:a:std42:elfinder:2.1.22
- cpe:2.3:a:std42:elfinder:2.1.23
- cpe:2.3:a:std42:elfinder:2.1.24
- cpe:2.3:a:std42:elfinder:2.1.25
- cpe:2.3:a:std42:elfinder:2.1.26
- cpe:2.3:a:std42:elfinder:2.1.27
- cpe:2.3:a:std42:elfinder:2.1.28
- cpe:2.3:a:std42:elfinder:2.1.29
- cpe:2.3:a:std42:elfinder:2.1.3
- cpe:2.3:a:std42:elfinder:2.1.30
- cpe:2.3:a:std42:elfinder:2.1.31
- cpe:2.3:a:std42:elfinder:2.1.32
- cpe:2.3:a:std42:elfinder:2.1.33
- cpe:2.3:a:std42:elfinder:2.1.34
- cpe:2.3:a:std42:elfinder:2.1.35
- cpe:2.3:a:std42:elfinder:2.1.36
- cpe:2.3:a:std42:elfinder:2.1.37
- cpe:2.3:a:std42:elfinder:2.1.38
- cpe:2.3:a:std42:elfinder:2.1.39
- cpe:2.3:a:std42:elfinder:2.1.4
- cpe:2.3:a:std42:elfinder:2.1.40
- cpe:2.3:a:std42:elfinder:2.1.41
- cpe:2.3:a:std42:elfinder:2.1.42
- cpe:2.3:a:std42:elfinder:2.1.43
- cpe:2.3:a:std42:elfinder:2.1.44
- cpe:2.3:a:std42:elfinder:2.1.45
- cpe:2.3:a:std42:elfinder:2.1.46
- cpe:2.3:a:std42:elfinder:2.1.47
- cpe:2.3:a:std42:elfinder:2.1.48
- cpe:2.3:a:std42:elfinder:2.1.49
- cpe:2.3:a:std42:elfinder:2.1.5
- cpe:2.3:a:std42:elfinder:2.1.50
- cpe:2.3:a:std42:elfinder:2.1.51
- cpe:2.3:a:std42:elfinder:2.1.52
- cpe:2.3:a:std42:elfinder:2.1.53
- cpe:2.3:a:std42:elfinder:2.1.54
- cpe:2.3:a:std42:elfinder:2.1.55
- cpe:2.3:a:std42:elfinder:2.1.56
- cpe:2.3:a:std42:elfinder:2.1.57
- cpe:2.3:a:std42:elfinder:2.1.58
- cpe:2.3:a:std42:elfinder:2.1.59
- cpe:2.3:a:std42:elfinder:2.1.6
- cpe:2.3:a:std42:elfinder:2.1.60
- cpe:2.3:a:std42:elfinder:2.1.7
- cpe:2.3:a:std42:elfinder:2.1.8
- cpe:2.3:a:std42:elfinder:2.1.9