Cross-site request forgery (CSRF) vulnerability in the elFinder file manager module 6.x-0.x prior to 6.x-0.8 and 7.x-0.x prior to 7.x-0.8 for Drupal allows remote malicious users to hijack the authentication of unspecified victims to create, modify, or delete files via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alexey_sukhotin elfinder 6.x-0.6 |
||
alexey_sukhotin elfinder 6.x-0.7 |
||
alexey_sukhotin elfinder 6.x-0.4-beta3 |
||
alexey_sukhotin elfinder 6.x-0.5-beta2 |
||
alexey_sukhotin elfinder 7.x-0.6 |
||
alexey_sukhotin elfinder 7.x-0.7 |
||
alexey_sukhotin elfinder 6.x-0.4-beta1 |