Critical severityNVD Advisory· Published Apr 7, 2022· Updated Aug 4, 2024
CVE-2021-43421
CVE-2021-43421
Description
A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
studio-42/elfinderPackagist | >= 2.0.4, < 2.1.60 | 2.1.60 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-x4jx-hjwf-gc99ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-43421ghsaADVISORY
- github.com/Studio-42/elFinder/commit/c08bcbfa722d758d01975799b7036951eb5d33cbghsaWEB
- github.com/Studio-42/elFinder/issues/3429ghsax_refsource_MISCWEB
- twitter.com/infosec_90/status/1455180286354919425ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.