Enviar #750944: kalcaddle kodbox <=1.64.05 Command Injectioninformación

Títulokalcaddle kodbox <=1.64.05 Command Injection
DescripciónKodbox v1.64.05 contains an OS Command Injection vulnerability in the VideoResize.class.php component. The vulnerability exists in the run() method, where user-controlled file paths are concatenated directly into a shell command string for ffmpeg execution. This allows authenticated remote attackers to execute arbitrary system commands via shell metacharacters contained within a crafted filename during the video transcoding process.
Fuente⚠️ https://gist.github.com/DReazer/d7380aca4ade9fd73b688633901367ed
Usuario
 Snkn0w (UID 90071)
Sumisión2026-02-03 07:56 (hace 3 meses)
Moderación2026-02-15 20:07 (13 days later)
EstadoAceptado
Entrada de VulDB346167 [kalcaddle kodbox hasta 1.64.05 Media File Preview Plugin VideoResize.class.php run localFile escalada de privilegios]
Puntos20

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!