Lucene search
K

10 matches found

NVD
NVD
added 6 days ago10 views

CVE-2026-14261

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control...

9.1CVSS0.00571EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 6 days ago7 views

CVE-2026-14261 CVE-2026-14261

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control...

6.6AI score0.00571EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42583

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control...

9.1CVSS6.6AI score0.00571EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-14261 CVE-2026-14261

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control...

0.00571EPSS
Exploits0References3
CVE
CVE
added 6 days ago14 views

CVE-2026-14261

CVE-2026-14261 concerns Xerte Online Toolkits where the /setup/ directory can persist after installation, allowing an unauthenticated attacker to reconfigure the application to point to a remote database and gain administrative access, enabling remote code execution. Patches fix the issue by remo...

9.1CVSS6.6AI score0.00571EPSS
Exploits0References3
OSV
OSV
added 6 days ago1 views

CVE-2026-14261 CVE-2026-14261

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control...

9.1CVSS6.5AI score0.00571EPSS
Exploits0References5
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42582

A vulnerability in the Xerte Online Tools allows for RCE through the antivirus binary path in the tools server settings, which can be changed to a PHP interpreter, allowing an attacker to upload PHP data that will then be executed...

9.8CVSS5.9AI score0.0038EPSS
Exploits0References3
CVE
CVE
added 6 days ago21 views

CVE-2026-12116

CVE-2026-12116 affects Xerte Online Toolkits. The vulnerability allows remote code execution by editing the antivirus binary path in the tools server configuration to point to a PHP interpreter, causing any uploaded PHP data to execute. Affected product: Xerte Online Toolkits (open‑source e‑learn...

9.8CVSS5.9AI score0.0038EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-12116 CVE-2026-12116

A vulnerability in the Xerte Online Tools allows for RCE through the antivirus binary path in the tools server settings, which can be changed to a PHP interpreter, allowing an attacker to upload PHP data that will then be executed...

0.0038EPSS
Exploits0References3
OSV
OSV
added 6 days ago2 views

CVE-2026-12116 CVE-2026-12116

A vulnerability in the Xerte Online Tools allows for RCE through the antivirus binary path in the tools server settings, which can be changed to a PHP interpreter, allowing an attacker to upload PHP data that will then be executed...

9.8CVSS6.1AI score0.0038EPSS
Exploits0References5
Rows per page
Query Builder