Skip to content
cyberMEDIUM2026-04-22 19:17 UTC

CVE-2026-34415 - Xerte Online Toolkits File Upload RCE via elfinder Connector

CVE ID :CVE-2026-34415 Published : April 22, 2026, 7:17 p.m. | 23 minutes ago Description :Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable extensions .php4 due to an incor

ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

Editorial policy · Report a correction