PT-2019-19428 · Studio 42 · Elfinder

Thomas Chauchefoin

·

Publicado

2019-02-26

·

Atualizado

2022-05-13

·

CVE-2019-9194

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions elFinder versions prior to 2.1.48
Description The issue is related to a command injection vulnerability in the PHP connector of elFinder.
Recommendations For versions prior to 2.1.48, update to version 2.1.48 or later to resolve the issue.

Exploit

Correção

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2019-9194
GHSA-4223-QJ94-7X9P

Produtos afetados

Elfinder