A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected by this issue is the function
cover
of the file plugins/fileThumb/app.php. The manipulation of the argument path leads to server-side request forgery.
This vulnerability is handled as CVE-2023-6849. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.