漏洞描述
elFinder 存在远程代码执行漏洞,此漏洞是由于connector.minimal.php对用户数据缺乏校验导致的。
elFinder CVE-2021-23394 远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
-
CVE-2019-9194: elFinder <= 2.1.47 - Command Injection POC
2025-08-01 | elFinderelFinder before 2.1.48 has a command injection vulnerability in the PHP connector. The vulnerability... -
CVE-2021-32682: elFinder 2.1.58 - Remote Code Execution POC
2025-08-01 | elFinderelFinder 2.1.58 is impacted by multiple remote code execution vulnerabilities that could allow an at... -
CVE-2021-43421: Studio-42 elFinder <2.1.60 - Arbitrary File Upload POC
2025-08-01 | Studio-42 elFinderStudio-42 elFinder 2.0.4 to 2.1.59 is vulnerable to unauthenticated file upload via connector.minima... -
ShowDoc /server/index.php?s=/api/adminUpdate/download 文件上传漏洞(CVE-2021-36440) 无POC
2025-09-12 | ShowDocShowDoc 2.9.5版本存在一个高危的文件上传漏洞(CVE-2021-36440),该漏洞源于系统未能对上传文件的类型进行充分验证。攻击者可以绕过安全限制上传任意类型的危险文件,包括但不限于PH... -
CVE-2021-1497: Cisco HyperFlex HX Data Platform - Remote Command Execution POC
2025-09-01 | Cisco HyperFlex HX Data PlatformCisco HyperFlex HX contains multiple vulnerabilities in the web-based management interface that coul...