CVE-2026-44521 | Studio-42 elFinder up to 2.1.67 MySQL Volume Driver sql injection

A vulnerability, which was classified as critical, was found in Studio-42 elFinder up to 2.1.67. Affected by this issue is some unknown functionality of the component MySQL Volume Driver. Executing a manipulation can lead to sql injection.

This vulnerability is handled as CVE-2026-44521. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More