CVE-2023-6849 | kalcaddle kodbox up to 1.48 app.php cover path server-side request forgery

Posted by Angelo Barbosa | Dec 15, 2023 | CVE

A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected by this issue is the function cover of the file plugins/fileThumb/app.php. The manipulation of the argument path leads to server-side request forgery.

This vulnerability is handled as CVE-2023-6849. The attack may be launched remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2023-6849 | kalcaddle kodbox up to 1.48 app.php cover path server-side request forgery

Related Posts

CVE-2024-28725 | YzmCMS 7.0 cross site scripting

CVE-2022-48899 | Linux Kernel up to 4.19.269/5.4.228/5.10.163/5.15.88/6.1.6 virtio use after free

CVE-2023-42974 | Apple iOS/iPadOS App race condition

CVE-2023-6486 | Spectra Plugin up to 2.10.3 on WordPress Custom CSS cross site scripting