diff --git a/documentation/modules/exploit/linux/http/elfinder_archive_cmd_injection.md b/documentation/modules/exploit/linux/http/elfinder_archive_cmd_injection.md index c340b95c0c..a38a6af1a8 100644 --- a/documentation/modules/exploit/linux/http/elfinder_archive_cmd_injection.md +++ b/documentation/modules/exploit/linux/http/elfinder_archive_cmd_injection.md @@ -4,7 +4,7 @@ elFinder versions below 2.1.59 are vulnerable to a command injection vulnerability via its archive functionality. When creating a new zip archive, the `name` parameter is sanitized -with the `escapeshellcmd()` php function and then passed to the +with the `escapeshellarg()` php function and then passed to the `zip` utility. Despite the sanitization, supplying the `-TmTT` argument as part of the `name` parameter is still permitted and enables the execution of arbitrary commands as the `www-data` user. diff --git a/modules/exploits/linux/http/elfinder_archive_cmd_injection.rb b/modules/exploits/linux/http/elfinder_archive_cmd_injection.rb index 69d13bd557..d0cf16490a 100644 --- a/modules/exploits/linux/http/elfinder_archive_cmd_injection.rb +++ b/modules/exploits/linux/http/elfinder_archive_cmd_injection.rb @@ -21,7 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote vulnerability via its archive functionality. When creating a new zip archive, the `name` parameter is sanitized - with the `escapeshellcmd()` php function and then passed to the + with the `escapeshellarg()` php function and then passed to the `zip` utility. Despite the sanitization, supplying the `-TmTT` argument as part of the `name` parameter is still permitted and enables the execution of arbitrary commands as the `www-data` user.
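Review bot: In the documentation hunk (`elfinder_archive_cmd_injection.md`), the corrected line now names `escapeshellarg()`, but the next sentence, "Despite the sanitization, supplying the `-TmTT` argument ... is still permitted", still does not say why the sanitization fails. `escapeshellarg()` quotes the value so the shell treats it as a single argument, but a value beginning with `-` is still read by `zip` as an option. Suggest adding a clause to that effect, since that distinction is the reason this correction matters. Also capitalize "PHP" in "`escapeshellarg()` php function" while touching the line.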
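Review bot: In the module hunk (`elfinder_archive_cmd_injection.rb`), the Description repeats the documentation sentence word for word, and the same function-name mistake had to be fixed in both files. Keep the two copies identical after this change, including any wording follow-up made to the `.md`, so they do not drift apart again. With `escapeshellarg()` now named, "command injection ... Despite the sanitization" is more accurately option injection into `zip` that leads to command execution. Consider saying so in the Description, since this is the text users read in the module info, and capitalize "PHP" here as well.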