Filtered by vendor Studio42 Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-38909 1 Studio42 1 Elfinder 2024-11-21 9.8 Critical
Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE, etc.