A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| studio-42/elfinder(Packagist) | 2.0.4 | 2.1.60 | N/A |
CVSS Metrics
