Path Traversal in kalcaddle/kodexplorer

Valid

Reported on

May 20th 2021


✍️ Description

I have confirmed a path traversal vulnerability on any server running KodExplorer; a malicious user can read any file.

🕵️‍♂️ Proof of Concept

First, set up a local installation of KodExplorer.

If the server is running with root permissions:

http://<kodexplorer_host>/index.php?editor/fileGet&filename=/etc/passwd

Otherwise, a malicious user can still read other files the web server process has access to, such as configuration files.
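Read together with the maintainer's reply below (the file manager is meant to let an administrator browse server directories), the report comes down to one question: is the `filename` parameter confined to a managed root, or is it handed to the filesystem as-is? The following Python stand-in is an added example, not KodExplorer's own code (which is PHP and is not shown on this page). It builds a throwaway directory tree with a constructed file outside the managed root, then compares an unconfined `fileGet`-style read with one that resolves the requested path and refuses anything outside the root. All function, directory and file names are hypothetical.

```python
import os
import shutil
import tempfile


def build_sandbox():
    """Constructed fixture: a managed 'data' root with one file inside it and a
    stand-in for a sensitive file (think /etc/passwd or a config) outside it."""
    base = tempfile.mkdtemp(prefix="traversal_demo_")
    data_root = os.path.join(base, "data")
    os.makedirs(data_root)
    with open(os.path.join(data_root, "notes.txt"), "w") as fh:
        fh.write("inside the managed directory\n")
    with open(os.path.join(base, "secret.conf"), "w") as fh:
        fh.write("db_password=hunter2\n")  # constructed sample, not a real credential
    return base, data_root


def file_get_unconfined(data_root, filename):
    """Vulnerable pattern: the request parameter is joined to the root and opened.
    os.path.join discards data_root when filename is absolute (the PoC's
    filename=/etc/passwd case), and '..' segments walk out of it."""
    with open(os.path.join(data_root, filename)) as fh:
        return fh.read()


def file_get_confined(data_root, filename):
    """Hardened variant: resolve symlinks and '..' first, then require the result
    to still sit under the managed root before opening it."""
    root = os.path.realpath(data_root)
    target = os.path.realpath(os.path.join(root, filename))
    if os.path.commonpath([root, target]) != root:
        raise PermissionError(f"refusing to read outside {root}: {filename!r}")
    with open(target) as fh:
        return fh.read()


def demo():
    """Run both variants against a legitimate request, a relative traversal and
    an absolute path, and return what each one did."""
    base, data_root = build_sandbox()
    outside = os.path.join(base, "secret.conf")
    results = {}
    try:
        # Legitimate request inside the managed root: both variants serve it.
        results["inside_unconfined"] = file_get_unconfined(data_root, "notes.txt")
        results["inside_confined"] = file_get_confined(data_root, "notes.txt")
        # Relative traversal and absolute path: the unconfined variant leaks both.
        results["rel_unconfined"] = file_get_unconfined(data_root, "../secret.conf")
        results["abs_unconfined"] = file_get_unconfined(data_root, outside)
        # The confined variant refuses both forms.
        for name, request in (("rel_confined", "../secret.conf"),
                              ("abs_confined", outside)):
            try:
                file_get_confined(data_root, request)
                results[name] = "served"
            except PermissionError:
                results[name] = "refused"
    finally:
        shutil.rmtree(base, ignore_errors=True)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Both the `../secret.conf` form and the absolute form from the PoC pass straight through the unconfined variant; the confined one rejects both because `realpath` canonicalises the request before the prefix check, so symlinks and encoded dot segments do not help the attacker. Whether a confinement check like this is the right fix depends on who can reach `editor/fileGet`: the maintainer's reply treats it as an administrator feature, so the first thing to verify on the local install is whether the endpoint answers without an admin session.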

warlee
2 years ago

Maintainer


The design is like this: the administrator is allowed to manage server directories and files.

Rishabh Shukla
2 years ago

Researcher


warlee can you also take a look at https://huntr.dev/bounties/8-other-kalcaddle/KodExplorer/

warlee
2 years ago

Maintainer


Many thanks, Rishabh Shukla; we will fix it in the next version.

Pavlos
2 years ago

Admin


ffff

Pavlos
2 years ago

Admin


sorry about that ^...
