| 제목 | KodExplorer KodExplorer ≤ 4.51.03 Auth bypass, unrestricted file read, RCE |
|---|
| 설명 | Kodexplorer has an api endpoint auth bypass vuln, which allow evil user may access to api endpoint directly. Then builtin plugin OfficeLIve has an unrestricted file read vuln, which may allow evil user to read any file in the server, which will lead to RCE. |
|---|
| 원천 | ⚠️ https://note.zhaoj.in/share/oaYHbDTnPiU3 |
|---|
| 사용자 | glzjin (UID 59815) |
|---|
| 제출 | 2023. 12. 11. PM 05:59 (2 연령 ago) |
|---|
| 모더레이션 | 2023. 12. 15. PM 05:38 (4 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 248221 [kalcaddle KodExplorer 까지 4.51.03 app.php index path 권한 상승] |
|---|
| 포인트들 | 17 |
|---|