Std42: >> Elfinder >> 2.1.62 Security Vulnerabilities
Studio-42 eLfinder 2.1.62 is vulnerable to Remote Code Execution (RCE) as there is no restriction for uploading files with the .php8 extension.
CVSS Score
9.8
EPSS Score
0.013
Published
2024-10-31
Studio-42 eLfinder 2.1.62 contains a filename restriction bypass leading to a persistent Cross-site Scripting (XSS) vulnerability.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-10-31