CVE-2026-34413 | thexerteproject xerteonlinetoolkits up to 3.13.0/3.14.0/3.15.0 elFinder Connector Endpoint connector.php exposure of sensitive system information to an unauthorized control sphere (ID 1527)

A vulnerability classified as critical was found in thexerteproject xerteonlinetoolkits up to 3.13.0/3.14.0/3.15.0. This issue affects some unknown processing of the file /editor/elfinder/php/connector.php of the component elFinder Connector Endpoint. Executing a manipulation can lead to exposure of sensitive system information to an unauthorized control sphere.

The identification of this vulnerability is CVE-2026-34413. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More