{"id":"CVE-2018-9110","details":"Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue exists because of an incomplete fix for CVE-2018-9109.","aliases":["GHSA-44p8-c3wv-f28r"],"modified":"2026-04-10T04:16:58.675419Z","published":"2018-03-28T14:29:00.297Z","references":[{"type":"ADVISORY","url":"https://github.com/Studio-42/elFinder/releases/tag/2.1.37"},{"type":"ADVISORY","url":"https://github.com/Studio-42/elFinder/wiki/Advisory-about-vulnerability-of-CVE-2018-9109-and-CVE-2018-9110"},{"type":"FIX","url":"https://github.com/Studio-42/elFinder/commit/e6351557b86cc10a7651253d2d2aff7f6b918f8e"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/studio-42/elfinder","events":[{"introduced":"0"},{"fixed":"a2f2bc903ccd9e60e6c4a237f92ddc813adef179"},{"fixed":"e6351557b86cc10a7651253d2d2aff7f6b918f8e"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.1.37"}]}}],"versions":["1.0.1","2.0-beta","2.1.0","2.1.1","2.1.10","2.1.11","2.1.12","2.1.13","2.1.14","2.1.15","2.1.16","2.1.17","2.1.18","2.1.19","2.1.2","2.1.20","2.1.21","2.1.22","2.1.23","2.1.24","2.1.25","2.1.26","2.1.27","2.1.28","2.1.29","2.1.3","2.1.30","2.1.31","2.1.32","2.1.33","2.1.34","2.1.35","2.1.36","2.1.4","2.1.5","2.1.6","2.1.7","2.1.8","2.1.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-9110.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}