CVE-2023-6849 | kalcaddle kodbox up to 1.48 app.php cover path server-side request forgery

Inserito da Angelo Barbosa | Dic 15, 2023 | CVE

A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected by this issue is the function cover of the file plugins/fileThumb/app.php. The manipulation of the argument path leads to server-side request forgery.

This vulnerability is handled as CVE-2023-6849. The attack may be launched remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2023-6849 | kalcaddle kodbox up to 1.48 app.php cover path server-side request forgery

Post correlati

CVE-2024-41108 | FOGproject FOG prior 1.5.10.41 Hostinfo Page information disclosure (GHSA-p3f9-4jj4-fm2g)

CVE-2024-23559 | HCL DevOps Deploy/Launch up to 7.0.5.20/7.1.2.16/7.2.3.9/7.3.2.4/8.0.0.1 HTTP Header Privilege Escalation (KB0111924)

CVE-2024-35246 | Westermo L210-F2G Lynx 4.21.0 improper control of interaction frequency (icsa-24-172-03)

CVE-2024-34585 | Samsung Devices up to SMR Feb-2021 Release 1 SystemUI access control