Title: KodiCMS 13.82.135 Code Injection
Description: Arbitrary PHP Code Execution via Layout API in KodiCMS
Affected Version: KodiCMS ≤ 13.82.135 (all versions)
Vendor: KodiCMS-Kohana GitHub Repository (https://github.com/KodiCMS-Kohana/)
Software: KodiCMS
Vulnerability Files:
cms/modules/kodicms/classes/kodicms/model/file.php
cms/modules/kodicms/controller/api/layout.php

Description

1. Arbitrary PHP Code Execution via Layout API:
File : The function uses to write user-controlled content directly to PHP files without any sanitization or validation. The Layout API endpoint allows authenticated users to create or modify layout files containing arbitrary PHP code.

2. Exploiting the Vulnerability:
By sending a crafted PUT request to the Layout API endpoint with malicious PHP code in the parameter, an attacker can create a webshell on the server. The created PHP file is stored in the directory, which is publicly accessible via a web browser, so the attacker can then request it directly and execute commands with the privileges of the web server process. Because the endpoint requires authentication, exploitation needs an account that is permitted to reach the Layout API; with such an account, layout editing becomes remote code execution.
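The following is an added illustration, not code from KodiCMS or from this advisory. It shows the pattern described above (a layout save handler that writes request-supplied content verbatim into a .php file under the document root) next to a hardened version that restricts the layout name, rejects PHP open tags, stores templates outside the web root with a non-executable extension, and re-checks the resolved path. All function, parameter and directory names are hypothetical; the hardened variant assumes layouts can be treated as template data rather than executable PHP, which is a design choice and not necessarily how the project implements layouts.

```php
<?php
// Added example, not KodiCMS code. Function, parameter and directory
// names are hypothetical; they only illustrate the vulnerable pattern
// from the advisory and one way to harden it.

declare(strict_types=1);

// --- Vulnerable pattern (simplified, hypothetical) ---------------------
// Any authenticated user who can reach this handler gets a webshell:
// the name is unvalidated (path traversal), the content is unvalidated
// (PHP open tags accepted), the file is executable PHP, and the target
// directory is served by the web server.
function save_layout_vulnerable(string $webroot, string $name, string $content): string
{
    $path = $webroot . '/layouts/' . $name . '.php';
    file_put_contents($path, $content);
    return $path;
}

// --- Hardened version --------------------------------------------------
// 1. Layout identifiers are restricted to a safe character set, so the
//    name cannot escape the layouts directory.
// 2. Templates are stored outside the document root with a non-executable
//    extension, so even if PHP syntax slipped in, the web server would
//    never run it.
// 3. Any PHP open tag ("<?") is rejected outright; templates are data.
//    Note this also rejects XML prologs, which is acceptable for layouts.
// 4. The resolved parent path is re-checked against the storage directory.
function save_layout_hardened(string $storageDir, string $name, string $content): string
{
    if (!preg_match('/\A[a-z0-9_-]{1,64}\z/i', $name)) {
        throw new InvalidArgumentException('invalid layout name');
    }
    if (strpos($content, '<?') !== false) {
        throw new InvalidArgumentException('PHP code is not allowed in layouts');
    }
    $base = realpath($storageDir);
    if ($base === false) {
        throw new RuntimeException('storage directory does not exist');
    }
    $path = $base . DIRECTORY_SEPARATOR . $name . '.tpl';
    // realpath() on the parent: the file itself may not exist yet.
    if (realpath(dirname($path)) !== $base) {
        throw new RuntimeException('path escapes storage directory');
    }
    if (file_put_contents($path, $content, LOCK_EX) === false) {
        throw new RuntimeException('write failed');
    }
    return $path;
}

// Demonstration with a temporary storage directory (constructed input).
$tmp = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'layouts_' . bin2hex(random_bytes(4));
mkdir($tmp, 0700);

$good = '<html><body><h1>{{ title }}</h1></body></html>';
echo 'saved: ', save_layout_hardened($tmp, 'default', $good), PHP_EOL;

// Constructed attacker inputs: a traversal name and a webshell body.
$bad = [
    '../../shell' => $good,
    'evil'        => '<?php system($_GET["c"]); ' . '?' . '>',
];
foreach ($bad as $name => $body) {
    try {
        save_layout_hardened($tmp, $name, $body);
    } catch (Exception $e) {
        echo "rejected {$name}: ", $e->getMessage(), PHP_EOL;
    }
}
```

Rejecting "<?" is deliberately blunt: it is a sound safety net, but the stronger control is the storage location and extension, because a file the web server will not execute cannot become a webshell regardless of what the content filter misses. When run, the hardened handler writes the benign template, then rejects the traversal name and the PHP payload.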