CVE-2026-6570

A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argument path results in authorization bypass. The attack may be initiated remotely. The exploit has be...

CVE-2026-6569

A vulnerability was identified in kodcloud KodExplorer up to 4.52. This impacts the function fileGet of the file /app/controller/share.class.php of the component fileGet Endpoint. Such manipulation of the argument fileUrl leads to improper authentication. The attack can be launched remotely. The...

CVE-2026-6568 kodcloud KodExplorer Public Share share.class.php initShareOld path traversal

A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Handler. This manipulation of the argument path causes path traversal. The attack can be initiated...

EUVD-2023-41073

Malicious code in bioql PyPI...

EUVD-2023-59054

Malicious code in bioql PyPI...

CVE-2023-6853

A vulnerability classified as critical was found in kalcaddle KodExplorer up to 4.51.03. Affected by this vulnerability is the function index of the file plugins/officeLive/app.php. The manipulation of the argument path leads to server-side request forgery. The attack can be launched remotely. Th...

CVE-2022-4944

A vulnerability, which was classified as problematic, has been found in kalcaddle KodExplorer up to 4.49. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public a...

CVE-2021-36646

A Cross Site Scrtpting XSS vulnerability in KodExplorer 4.45 allows remote attackers to run arbitrary code via /index.php page...

PT-2023-25811 · Unknown · Kodexplorer

Name of the Vulnerable Software and Affected Versions: KodExplorer version 4.51 Description: The issue concerns a Cross-Site Scripting XSS vulnerability located in the Description box of the Light App creation feature. An attacker can exploit this by injecting XSS syntax into the Description fiel...

KodExplorer Cross-Site Request Forgery Vulnerability

KodExplorer is a web file manager by warlee personal developer. A cross-site request forgery vulnerability exists in KodExplorer versions prior to 4.49, which stems from the presence of an unknown function that leads to a cross-site request forgery vulnerability. No details of the vulnerability a...

CVE-2022-46154 Arbitrary file access in KodExplorer

Kodexplorer is a chinese language web based file manager and browser based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result any files available to the host process may be accessed by arbitrary users...