Vulnerabilities > Std42 > Elfinder > 2.1.60

DATE CVE VULNERABILITY TITLE RISK
2023-06-19 CVE-2023-35840 Path Traversal vulnerability in Std42 Elfinder
_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector.
network
low complexity
std42 CWE-22
6.5
6.5
2022-04-11 CVE-2022-27115 Unrestricted Upload of File with Dangerous Type vulnerability in Std42 Elfinder 2.1.60
In Studio-42 elFinder 2.1.60, there is a vulnerability that causes remote code execution through file name bypass for file upload.
network
low complexity
std42 CWE-434
critical
 9.8
9.8
2022-03-21 CVE-2022-26960 Path Traversal vulnerability in Std42 Elfinder
connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal.
network
low complexity
std42 CWE-22
critical
 9.1
9.1