Lucene search
K

30 matches found

Metasploit
Metasploit
added 2026/06/16 7:2 p.m.162 views

Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Media Upload

This module bypasses authentication failure, extension blacklist, and path traversal vulnerabilities in the /editor/elfinder/php/connector.php endpoint to upload and execute a shell in Xerte Online Toolkits versions 3.15 commit 4e40f8030a2e3267267db7ce03e0ff57270be6f5 as there's no patch versions...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/25 1:22 a.m.12 views

CVE-2026-34414

Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where the name parameter in rename commands is not sanitized for path traversal sequences. Attackers can supply a name value...

7.1CVSS6.4AI score0.02826EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/23 8:38 p.m.5 views

CVE-2026-41459

Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full server-side filesystem path of the application root. Attackers can send a GET request to the /setup page to access the exposed rootpath value...

6.9CVSS5.8AI score0.00801EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/22 9:32 p.m.6 views

EUVD-2026-25069

Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable extensions .php4 due to an incorrect regex pattern. Unauthenticated attackers can exploit this flaw combined with authenticati...

9.8CVSS6AI score0.03575EPSS
Exploits1References8
EUVD
EUVD
added 2026/04/22 9:32 p.m.13 views

EUVD-2026-25067

Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect to unauthenticated callers does not call exit or die, allowing PHP execution to continue and process the...

8.8CVSS6.6AI score0.02804EPSS
Exploits1References8
NVD
NVD
added 2026/04/22 7:17 p.m.5 views

CVE-2026-41459

Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full server-side filesystem path of the application root. Attackers can send a GET request to the /setup page to access the exposed rootpath value...

6.9CVSS0.00801EPSS
Exploits1References6
NVD
NVD
added 2026/04/22 7:17 p.m.14 views

CVE-2026-34413

Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect to unauthenticated callers does not call exit or die, allowing PHP execution to continue and process the...

8.8CVSS0.02804EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2026/04/22 6:33 p.m.3 views

CVE-2026-34413

Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect to unauthenticated callers does not call exit or die, allowing PHP execution to continue and process the...

8.8CVSS6.6AI score0.02804EPSS
Exploits1References9
Cvelist
Cvelist
added 2026/04/22 6:33 p.m.30 views

CVE-2026-34413 Xerte Online Toolkits Missing Authentication via connector.php

Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect to unauthenticated callers does not call exit or die, allowing PHP execution to continue and process the...

8.8CVSS0.02804EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/04/22 6:33 p.m.5 views

CVE-2026-34413 Xerte Online Toolkits Missing Authentication via connector.php

Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect to unauthenticated callers does not call exit or die, allowing PHP execution to continue and process the...

8.8CVSS6.6AI score0.02804EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/04/22 6:33 p.m.5 views

CVE-2026-34415 Xerte Online Toolkits File Upload RCE via elfinder Connector

Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable extensions .php4 due to an incorrect regex pattern. Unauthenticated attackers can exploit this flaw combined with authenticati...

9.8CVSS6AI score0.03575EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/04/22 6:33 p.m.30 views

CVE-2026-34415 Xerte Online Toolkits File Upload RCE via elfinder Connector

Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable extensions .php4 due to an incorrect regex pattern. Unauthenticated attackers can exploit this flaw combined with authenticati...

9.8CVSS0.03575EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/04/22 6:32 p.m.38 views

CVE-2026-34414 Xerte Online Toolkits Path Traversal via connector.php

Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where the name parameter in rename commands is not sanitized for path traversal sequences. Attackers can supply a name value...

7.1CVSS0.02826EPSS
Exploits1References8
CVE
CVE
added 2026/04/22 6:32 p.m.11 views

CVE-2026-34414

CVE-2026-34414 affects Xerte Online Toolkits versions ≤ 3.15. A relative path traversal vulnerability exists in the elFinder connector endpoint at /editor/elfinder/php/connector.php, where the name parameter in rename commands is not sanitized for path traversal sequences. An attacker can supply ...

7.1CVSS6.3AI score0.02826EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/04/22 6:32 p.m.6 views

CVE-2026-34414 Xerte Online Toolkits Path Traversal via connector.php

Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where the name parameter in rename commands is not sanitized for path traversal sequences. Attackers can supply a name value...

7.1CVSS6.3AI score0.02826EPSS
Exploits1References8
CVE
CVE
added 2026/04/22 6:32 p.m.10 views

CVE-2026-41459

CVE-2026-41459 (Xerte Online Toolkits) affects versions 3.15 and earlier. An information disclosure vulnerability allows unauthenticated attackers to retrieve the full server-side filesystem path of the application root by requesting the /setup page, where the exposed root_path value is rendered ...

6.9CVSS5.8AI score0.00801EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/04/22 6:32 p.m.8 views

CVE-2026-41459

Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full server-side filesystem path of the application root. Attackers can send a GET request to the /setup page to access the exposed rootpath value...

6.9CVSS5.8AI score0.00801EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-34536

Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where the name parameter in rename commands is not sanitized for path traversal sequences. Attackers can supply a name value...

7.1CVSS6.3AI score0.02826EPSS
Exploits1References10
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.10 views

Xerte Online Toolkits 安全漏洞

Xerte Online Toolkits is an online learning content creation platform provided by British company Xerte. Versions of Xerte Online Toolkits 3.15 and earlier contained a security vulnerability. This vulnerability stemmed from incomplete input validation at the elFinder connector endpoint, allowing...

9.8CVSS6.1AI score0.03575EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34539

Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full server-side filesystem path of the application root. Attackers can send a GET request to the /setup page to access the exposed root path value...

6.9CVSS5.8AI score0.00801EPSS
Exploits1References8
Rows per page
Query Builder