Kodbox Security Vulnerabilities and Issues — Kodbox CVE List

Lucene search

KodcloudKodbox

12 matches found

CVE•added 2023/12/16 8:15 a.m.•66 views

CVE-2023-6849

A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected by this issue is the function cover of the file plugins/fileThumb/app.php. The manipulation of the argument path leads to server-side request forgery. The attack may be launched remotely. The exploit h...

9.8CVSS8.6AI score0.0019EPSS

CVE•added 2023/05/12 1:15 a.m.•40 views

CVE-2023-29790

kodbox 1.2.x through 1.3.7 has a Sensitive Information Leakage issue.

7.5CVSS7.5AI score0.00068EPSS

CVE•added 2023/05/11 9:15 p.m.•38 views

CVE-2023-29791

kodbox

6.1CVSS5.9AI score0.0009EPSS

CVE•added 2024/01/16 10:15 p.m.•38 views

CVE-2023-39691

An issue discovered in kodbox through 1.43 allows attackers to arbitrarily add Administrator accounts via crafted GET request.

9.8CVSS9.3AI score0.00239EPSS

CVE•added 2023/12/16 7:15 a.m.•38 views

CVE-2023-6848

A vulnerability was found in kalcaddle kodbox up to 1.48. It has been declared as critical. Affected by this vulnerability is the function check of the file plugins/officeViewer/controller/libreOffice/index.class.php. The manipulation of the argument soffice leads to command injection. The attack c...

9.8CVSS9.1AI score0.00967EPSS

CVE•added 2023/10/23 10:15 p.m.•37 views

CVE-2023-45998

kodbox 1.44 is vulnerable to Cross Site Scripting (XSS). Customizing global HTML results in storing XSS.

5.4CVSS5.3AI score0.00124EPSS

CVE•added 2023/07/10 9:15 p.m.•35 views

CVE-2023-3607

A vulnerability was found in kodbox 1.26. It has been declared as critical. This vulnerability affects the function Execute of the file webconsole.php.txt of the component WebConsole Plug-In. The manipulation leads to os command injection. The exploit has been disclosed to the public and may be use...

8CVSS7AI score0.00306EPSS

CVE•added 2023/11/18 12:15 a.m.•35 views

CVE-2023-48028

kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the login page, where an attacker can identify valid users based on varying response messages, potentially paving the way for a brute force attack.

9.8CVSS9.3AI score0.00297EPSS

CVE•added 2024/01/17 3:15 a.m.•35 views

CVE-2023-52069

kodbox v1.49.04 was discovered to contain a cross-site scripting (XSS) vulnerability via the URL parameter.

5.4CVSS5.3AI score0.00075EPSS

CVE•added 2024/01/16 10:15 p.m.•28 views

CVE-2023-52068

kodbox v1.43 was discovered to contain a cross-site scripting (XSS) vulnerability via the operation and login logs.

6.1CVSS6AI score0.0021EPSS

CVE•added 3 days ago•4 views

CVE-2025-10233

A security vulnerability has been detected in kalcaddle kodbox 1.61. This affects the function fileGet/fileSave of the file app/controller/explorer/editor.class.php. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed p...

6.5CVSS6.3AI score0.00057EPSS

CVE•added 2025/08/25 7:15 p.m.•4 views

CVE-2025-9414

A vulnerability was found in kalcaddle kodbox 1.61. Affected by this vulnerability is an unknown functionality of the file /?explorer/upload/serverDownload of the component Download from Link Handler. Performing manipulation of the argument url results in server-side request forgery. Remote exploit...

5.8CVSS5AI score0.00043EPSS