CVE-2026-1066

The CVE-2026-1066 entry describes a command-injection vulnerability in kalcaddle kodbox (up to version 1.61.10) related to the Compression Handler when processing the file /?explorer/index/zip. The issue can be exploited remotely; the exploit is public. Details on vulnerable component, root cause...

CVE-2026-1066 kalcaddle kodbox Compression zip command injection

A vulnerability was detected in kalcaddle kodbox up to 1.61.10. This issue affects some unknown processing of the file /?explorer/index/zip of the component Compression Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may b...

EUVD-2026-3128

A vulnerability was detected in kalcaddle kodbox up to 1.61.10. This issue affects some unknown processing of the file /?explorer/index/zip of the component Compression Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may b...

CVE-2023-34878

An issue was discovered in Ujcms v6.0.2 allows attackers to gain sensitive information via the dir parameter to /api/backend/core/web-file-html/download-zip...

PT-2023-25044 · Ujcms · Ujcms

Name of the Vulnerable Software and Affected Versions: Ujcms version 6.0.2 Description: An issue in Ujcms allows attackers to gain sensitive information via the dir parameter to the "/api/backend/core/web-file-html/download-zip" API endpoint. Recommendations: For Ujcms version 6.0.2, as a tempora...