Submit #250378: KodExplorer KodExplorer ≤ 4.51.03 Auth bypass, unrestricted file read, RCE

Title: KodExplorer KodExplorer ≤ 4.51.03 Auth bypass, unrestricted file read, RCE
Description: KodExplorer has an API endpoint auth bypass vuln, which allows an evil user to access the API endpoint directly. Then the builtin plugin webodf has an unrestricted file read vuln, which may allow an evil user to read any file on the server, which will lead to RCE.
Source: ⚠️ https://note.zhaoj.in/share/P6lQNyqQn3zY
User: glzjin (UID 59815)
Submission: 11/12/2023 17:58 (2 years ago)
Moderation: 15/12/2023 17:38 (4 days later)
Status: Accepted
VulDB entry: 248220 [kalcaddle KodExplorer up to 4.51.03 plugins/webodf/app.php Privilege Escalation]
Points: 17
