CVE-2023-6851 | kalcaddle KodExplorer up to 4.51.03 ZIP Archive plugins/zipView/app.php unzipList code injection

Posted by Angelo Barbosa | Dec 15, 2023 | CVE

A vulnerability was found in kalcaddle KodExplorer up to 4.51.03. It has been rated as critical. This issue affects the function unzipList of the file plugins/zipView/app.php of the component ZIP Archive Handler. The manipulation leads to code injection.

The identification of this vulnerability is CVE-2023-6851. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2023-6851 | kalcaddle KodExplorer up to 4.51.03 ZIP Archive plugins/zipView/app.php unzipList code injection

Related Posts

CVE-2023-25200 | MT Safeline X-Ray X3310 NXG 19.05 Webserver cross site scripting

CVE-2023-42959 | Apple macOS up to 13.x race condition

CVE-2023-52284 | Bytecode Alliance wasm-micro-runtime up to 1.2.x Module push_pop_frame_ref_offset double free (Issue 2586)

CVE-2024-5414 | PhpMyBackupPro 2.3 URL get_file.php view cross site scripting