Executive Summary

Informations
NameCVE-2019-6257First vendor Publication2019-01-14
VendorCveLast vendor Modification2019-02-01

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:P/I:N/A:N)
Cvss Base Score4Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in php/elFinder.class.php.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6257

Sources (Detail)

SourceUrl
MISC https://github.com/Studio-42/elFinder/blob/68ec63c0aeca3963101aca8f842dc9f2e4...
https://github.com/Studio-42/elFinder/commit/2f522db8f037a66ce9040ee0b216aa4a...

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2019-02-01 21:18:43
  • Multiple Updates
2019-01-14 13:20:16
  • First insertion