Security Advisory

CVE-2021-23394

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-13 11:05:11

Last updated 2024-09-16 22:30:47

Assigner snyk

State PUBLISHED

Description

The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.

← Browse all CVEs View on cve.org ↗