@offseq.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

OffSequence

offseq.bsky.social

did:plc:t5t6qep2vfipbi7f54demwev

CRITICAL vuln in xerteonlinetoolkits ≤3.15: attackers can upload & execute .php4 files via elFinder endpoint, risking server takeover. Restrict access, monitor uploads, apply custom filters. Patch status: unconfirmed. https://radar.offseq.com/threat/cve-2026-34415-cwe-184-incomplete-list-of-disal... https://radar.offseq.com/threat/cve-2026-34415-cwe-184-incomplete-list-of-disallow-f774ae94

2026-04-23T07:30:29.657Z