Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-3h9f-mm2x-4j58: Studio 42 elFinder vulnerable to Incorrect Access Control

Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE, etc.

ghsa
#git#rce#auth

Studio 42 elFinder vulnerable to Incorrect Access Control

High severity GitHub Reviewed Published Jul 30, 2024 to the GitHub Advisory Database • Updated Jul 30, 2024

ghsa: Latest News

GHSA-pj33-75x5-32j4: RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission