Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Arbitrary file access in KodExplorer
Vulnerability Description
Kodexplorer is a chinese language web based file manager and browser based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result any files available to the host process may be accessed by arbitrary users. This issue has been addressed in version 4.50. Users are advised to upgrade. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
KodExplorer 路径遍历漏洞
Vulnerability Description
KodExplorer是warlee个人开发者的一个 web 文件管理器。 KodExplorer 4.50之前版本存在路径遍历漏洞,该漏洞源于不能阻止未经身份验证的用户从主机OS文件系统中读取任意文件。攻击者利用该漏洞可以访问主机进程可用的任何文件。
CVSS Information
N/A
Vulnerability Type
N/A