Path Traversal in kalcaddle/KodExplorer

Valid
Reported on May 20th 2021

✍️ Description

I have confirmed a path traversal vulnerability on any server running KodExplorer: a malicious user can read any file on the server.

🕵️‍♂️ Proof of Concept

First, set up a local installation of KodExplorer.

If the server is running with root permissions:

http://<kodexplorer_host>/index.php?editor/fileGet&filename=/etc/passwd

Otherwise, the malicious user can still read other files, such as configuration files.
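The root cause is that the `filename` parameter is used as a filesystem path without being confined to the user's storage directory. Below is an added example of the containment check a fix would need; it is not KodExplorer's own code, and the sandbox root path and hostname are constructed for illustration.

```python
import posixpath
from typing import Optional, Tuple
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sandbox root standing in for a per-user KodExplorer data directory.
SANDBOX_ROOT = "/var/www/kodexplorer/data/User/demo/home"


def safe_resolve(root: str, requested: str) -> Optional[str]:
    """Return the canonical path of `requested` confined to `root`, or None if it escapes."""
    # Decode once so %2e%2e%2f style encodings are judged on their real value.
    requested = unquote(requested)
    # NUL bytes truncate paths in some C-backed file APIs; never pass them on.
    if "\x00" in requested:
        return None
    # Absolute inputs (the /etc/passwd case in the report) are never acceptable.
    if requested.startswith(("/", "\\")):
        return None
    root = posixpath.normpath(root)
    # Normalise backslashes, then collapse "." and ".." segments lexically.
    # In production, follow this with os.path.realpath() on the joined path so
    # symlinks inside the sandbox cannot point back out of it.
    candidate = posixpath.normpath(posixpath.join(root, requested.replace("\\", "/")))
    # Containment: the result must be the root itself or lie strictly below it.
    # Comparing against root + "/" also rejects sibling prefixes like ".../homeevil".
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


def check_fileget(url: str) -> Tuple[str, Optional[str]]:
    """Decide whether an editor/fileGet request may be served and with which path."""
    query = parse_qs(urlsplit(url).query)  # "editor/fileGet" has no '=' and is dropped
    filename = query.get("filename", [""])[0]
    resolved = safe_resolve(SANDBOX_ROOT, filename)
    return ("deny", None) if resolved is None else ("allow", resolved)


if __name__ == "__main__":
    for u in (
        "http://kodexplorer.example/index.php?editor/fileGet&filename=/etc/passwd",
        "http://kodexplorer.example/index.php?editor/fileGet&filename=../../../../etc/passwd",
        "http://kodexplorer.example/index.php?editor/fileGet&filename=notes/todo.txt",
    ):
        print(check_fileget(u), "<-", u)
```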