Vuln ID: CVE-2021-23394
Published: 2021-06-13 11:15:14Z
Description: The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file.
NOTE: This only applies if the server parses .phar files as PHP.
Source: NVD.NIST.GOV