studio-42/elfinder Security Advisories for 2.1.65 (2)
-
[HIGH] elFinder MySQL has a SQL Injection in its Volume Driver (elFinderVolumeMySQL)
PKSA-42xd-jnjn-nrty CVE-2026-44521 GHSA-c3gj-q88f-7hqj
Affected version: <=2.1.67
Reported by:
GitHub -
[HIGH] elFinder: Command injection in resize background color parameter when using ImageMagick CLI
PKSA-2p87-h1j5-yb5n CVE-2026-41247 GHSA-8q4h-8crm-5cvc
Affected version: <2.1.67
Reported by:
GitHub