Kodexplorer Security Vulnerabilities and Issues — Kodexplorer CVE List

Lucene search

KodcloudKodexplorer

8 matches found

CVE•added 2023/12/19 10:15 a.m.•75 views

CVE-2023-49489

Reflective Cross Site Scripting (XSS) vulnerability in KodExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APP_HOST parameter at config/i18n/en/main.php.

6.1CVSS6AI score0.00928EPSS

CVE•added 2023/12/16 12:15 p.m.•71 views

CVE-2023-6852

A vulnerability classified as critical has been found in kalcaddle KodExplorer up to 4.51.03. Affected is an unknown function of the file plugins/webodf/app.php. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to th...

9.8CVSS8.2AI score0.00169EPSS

CVE•added 2023/12/16 12:15 p.m.•64 views

CVE-2023-6853

A vulnerability classified as critical was found in kalcaddle KodExplorer up to 4.51.03. Affected by this vulnerability is the function index of the file plugins/officeLive/app.php. The manipulation of the argument path leads to server-side request forgery. The attack can be launched remotely. The ...

9.8CVSS8.2AI score0.00169EPSS

CVE•added 2023/04/22 6:15 p.m.•50 views

CVE-2022-4944

A vulnerability, which was classified as problematic, has been found in kalcaddle KodExplorer up to 4.49. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and...

8.8CVSS6.4AI score0.01634EPSS

CVE•added 2023/09/06 5:15 p.m.•46 views

CVE-2021-36646

A Cross Site Scrtpting (XSS) vulnerability in KodExplorer 4.45 allows remote attackers to run arbitrary code via /index.php page.

6.1CVSS6.2AI score0.02009EPSS

CVE•added 2023/12/16 9:15 a.m.•44 views

CVE-2023-6850

A vulnerability was found in kalcaddle KodExplorer up to 4.51.03. It has been declared as critical. This vulnerability affects unknown code of the file /index.php?pluginApp/to/yzOffice/getFile of the component API Endpoint Handler. The manipulation of the argument path/file leads to unrestricted up...

9.8CVSS8.2AI score0.00227EPSS

CVE•added 2023/12/16 11:15 a.m.•35 views

CVE-2023-6851

A vulnerability was found in kalcaddle KodExplorer up to 4.51.03. It has been rated as critical. This issue affects the function unzipList of the file plugins/zipView/app.php of the component ZIP Archive Handler. The manipulation leads to code injection. The attack may be initiated remotely. The ex...

9.8CVSS8.5AI score0.00239EPSS

CVE•added 2023/07/10 4:15 p.m.•28 views

CVE-2023-37153

KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability in the Description box of the Light App creation feature. An attacker can exploit this vulnerability by injecting XSS syntax into the Description field.

6.1CVSS5.8AI score0.00159EPSS