Path Traversal in kalcaddle/kodexplorer

Valid

Reported on

May 20th 2021


✍️ Description

I have confirmed a file transversal vulnerability on any server running Kodexplorer, Malicious user can read any file

🕵️‍♂️ Proof of Concept

First setup local installation of kodExplorer.

If the server is running with root permission:

http://<kodexplorer_host>/index.php?editor/fileGet&filename=/etc/passwd

Otherwise, the malicious user can access other config files

warlee
a year ago

Maintainer


The design is like this, the administrator allows to manage server directories and files

Rishabh Shukla
a year ago

Researcher


warlee can you also take a look at https://huntr.dev/bounties/8-other-kalcaddle/KodExplorer/

warlee
a year ago

Maintainer


very thanks Rishabh Shukla, we will fixed it next version.

Pavlos
a year ago

Admin


ffff

Pavlos
a year ago

Admin


sorry about that ^...

to join this conversation