CVE-2022-26960 (elfinder) | allinfosecnews.com

March 21, 2022, 5:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months, 1 week ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months, 1 week ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months, 1 week ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months, 1 week ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months, 1 week ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months, 1 week ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months, 1 week ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months, 1 week ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months, 1 week ago | web.nvd.nist.gov

android bypass check cve +10

Digital Security Infrastructure Manager

@ Wizz Air | Budapest, HU, H-1103

View on infosec-jobs.com

Sr. Solution Consultant

@ Highspot | Sydney

View on infosec-jobs.com

Cyber Security Analyst III

@ Love's Travel Stops | Oklahoma City, OK, US, 73120

View on infosec-jobs.com

Lead Security Engineer

@ JPMorgan Chase & Co. | Tampa, FL, United States

View on infosec-jobs.com

GTI Manager of Cybersecurity Operations

@ Grant Thornton | Tulsa, OK, United States

View on infosec-jobs.com

GCP Incident Response Engineer

@ Publicis Groupe | Dallas, Texas, United States

View on infosec-jobs.com