VYPR
Vendor

Kodcloud

Products
2
CVEs
36
Across products
36
Status
Private

Products

2

Recent CVEs

36
View all 36 CVEs →
  • CVE-2026-6569HigApr 19, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in kodcloud KodExplorer up to 4.52. This impacts the function fileGet of the file /app/controller/share.class.php of the component fileGet Endpoint. Such manipulation of the argument fileUrl leads to improper authentication. The attack can be…

  • CVE-2026-6568HigApr 19, 2026
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Handler. This manipulation of the argument path causes path traversal. The attack…

  • CVE-2026-8753MedMay 17, 2026
    risk 0.41cvss 6.3epss 0.01

    A security vulnerability has been detected in kalcaddle Kodbox up to 1.64. This issue affects the function parseVideoInfo of the file /workspace/source-code/plugins/fileThumb/lib/VideoResize.class.php of the component fileThumb Plugin. The manipulation of the argument ffmpegBin…

  • CVE-2026-6571MedApr 19, 2026
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in kodcloud KodExplorer up to 4.52. Affected by this vulnerability is the function roleGroupAction of the file /app/controller/systemRole.class.php. Executing a manipulation of the argument group_role can lead to authorization bypass. The attack…

  • CVE-2026-4589MedMar 23, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in kalcaddle kodbox 1.64. The affected element is the function PathDriverUrl of the file /workspace/source-code/app/controller/explorer/editor.class.php of the component fileGet Endpoint. Such manipulation of the argument path leads to server-side…

  • CVE-2026-2560MedFeb 16, 2026
    risk 0.41cvss 6.3epss 0.02

    A vulnerability has been found in kalcaddle kodbox up to 1.64.05. The impacted element is the function run of the file plugins/fileThumb/lib/VideoResize.class.php of the component Media File Preview Plugin. Such manipulation of the argument localFile leads to os command…

  • CVE-2026-1066MedJan 17, 2026
    risk 0.41cvss 6.3epss 0.05

    A vulnerability was detected in kalcaddle kodbox up to 1.61.10. This issue affects some unknown processing of the file /?explorer/index/zip of the component Compression Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is…

  • CVE-2025-10233MedSep 10, 2025
    risk 0.41cvss 6.3epss 0.00

    A security vulnerability has been detected in kalcaddle kodbox 1.61. This affects the function fileGet/fileSave of the file app/controller/explorer/editor.class.php. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit…

  • CVE-2026-6572MedApr 19, 2026
    risk 0.36cvss 5.6epss 0.00

    A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUpload Endpoint. The manipulation of the argument fileUpload leads to improper…

  • CVE-2026-5618MedApr 6, 2026
    risk 0.36cvss 5.6epss 0.00

    A vulnerability was detected in kalcaddle kodbox up to 1.64. This affects an unknown function of the component shareMake/shareCheck. Performing a manipulation of the argument siteFrom/siteTo results in server-side request forgery. The attack is possible to be carried out…

  • CVE-2026-4830MedMar 26, 2026
    risk 0.36cvss 5.6epss 0.00

    A vulnerability was identified in kalcaddle kodbox 1.64. This issue affects the function Add of the file app/controller/explorer/userShare.class.php of the component Public Share Handler. Such manipulation leads to unrestricted upload. The attack can be executed remotely. This…

  • CVE-2026-4592MedMar 23, 2026
    risk 0.36cvss 5.6epss 0.00

    A security vulnerability has been detected in kalcaddle kodbox 1.64. This impacts the function loginAfter/tfaVerify of the file /workspace/source-code/plugins/client/controller/tfa/index.class.php of the component Password Login. The manipulation leads to improper…

  • CVE-2026-4591MedMar 23, 2026
    risk 0.31cvss 4.7epss 0.02

    A weakness has been identified in kalcaddle kodbox 1.64. This affects the function checkBin of the file /workspace/source-code/plugins/fileThumb/app.php of the component fileThumb Endpoint. Executing a manipulation can lead to os command injection. The attack can be executed…

  • CVE-2025-9414MedAug 25, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in kalcaddle kodbox 1.61. Affected by this vulnerability is an unknown functionality of the file /?explorer/upload/serverDownload of the component Download from Link Handler. Performing manipulation of the argument url results in server-side request…

  • CVE-2025-11016MedSep 26, 2025
    risk 0.28cvss 4.3epss 0.00

    A security vulnerability has been detected in kalcaddle kodbox up to 1.61.09. The affected element is the function fileOut of the file app/controller/explorer/index.class.php. Such manipulation of the argument path leads to path traversal. The attack may be performed from…

  • CVE-2026-4831LowMar 26, 2026
    risk 0.24cvss 3.7epss 0.00

    A security flaw has been discovered in kalcaddle kodbox 1.64. Impacted is the function can of the file /workspace/source-code/app/controller/explorer/auth.class.php of the component Password-protected Share Handler. Performing a manipulation results in improper authentication.…

  • CVE-2026-4588LowMar 23, 2026
    risk 0.24cvss 3.7epss 0.00

    A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of…

  • CVE-2026-4590LowMar 23, 2026
    risk 0.20cvss 3.1epss 0.00

    A security flaw has been discovered in kalcaddle kodbox 1.64. The impacted element is an unknown function of the file /workspace/source-code/plugins/oauth/controller/bind/index.class.php of the component loginSubmit API. Performing a manipulation of the argument third results in…

  • CVE-2026-6570LowApr 19, 2026
    risk 0.18cvss 2.7epss 0.00

    A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argument path results in authorization bypass. The attack may be initiated remotely.…

  • CVE-2022-4944Apr 22, 2023
    risk 0.03cvss epss 0.03

    A vulnerability, which was classified as problematic, has been found in kalcaddle KodExplorer up to 4.49. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been…