CVE-2026-5618 | kalcaddle kodbox up to 1.64 shareMake/shareCheck siteFrom/siteTo server-side request forgery

Inserito da Angelo Barbosa | Apr 5, 2026 | CVE

A vulnerability has been found in kalcaddle kodbox up to 1.64 and classified as critical. This affects an unknown function of the component shareMake/shareCheck. Performing a manipulation of the argument siteFrom/siteTo results in server-side request forgery.

This vulnerability is reported as CVE-2026-5618. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-5618 | kalcaddle kodbox up to 1.64 shareMake/shareCheck siteFrom/siteTo server-side request forgery

Post correlati

CVE-2024-3027 | Smart Slider Plugin up to 3.5.1.22 on WordPress File Upload authorization

CVE-2025-10254 | Ascensio System SIA OnlyOffice up to 12.7.0 SVG Image Messages.aspx cross site scripting

CVE-2026-26993 | FlintSH Flare 1.7.1 SVG cross site scripting (GHSA-q8fp-w6m5-4gjm)

CVE-2024-2718 | Campcodes Complete Online DJ Booking System 1.0 booking-bwdates-reports-details.php fromdate cross site scripting