| عنوان | KodExplorer KodExplorer ≤ 4.51.03 Auth bypass, unrestricted file read, RCE |
|---|
| الوصف | Kodexplorer has an api endpoint auth bypass vuln, which allow evil user may access to api endpoint directly. Then builtin plugin webodf has an unrestricted file read vuln, which may allow evil user to read any file in the server, which will lead to RCE. |
|---|
| المصدر | ⚠️ https://note.zhaoj.in/share/P6lQNyqQn3zY |
|---|
| المستخدم | glzjin (UID 59815) |
|---|
| ارسال | 11/12/2023 05:58 PM (2 سنوات منذ) |
|---|
| الاعتدال | 15/12/2023 05:38 PM (4 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 248220 [kalcaddle KodExplorer حتى 4.51.03 plugins/webodf/app.php تجاوز الصلاحيات] |
|---|
| النقاط | 17 |
|---|