CVE-2026-6568

Summary

A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Handler. This manipulation of the argument path causes path traversal. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
kodcloudKodExplorer4.0affected
kodcloudKodExplorer4.1affected
kodcloudKodExplorer4.2affected
kodcloudKodExplorer4.3affected
kodcloudKodExplorer4.4affected
kodcloudKodExplorer4.5affected
kodcloudKodExplorer4.6affected
kodcloudKodExplorer4.7affected
kodcloudKodExplorer4.8affected
kodcloudKodExplorer4.9affected
kodcloudKodExplorer4.10affected
kodcloudKodExplorer4.11affected
kodcloudKodExplorer4.12affected
kodcloudKodExplorer4.13affected
kodcloudKodExplorer4.14affected
kodcloudKodExplorer4.15affected
kodcloudKodExplorer4.16affected
kodcloudKodExplorer4.17affected
kodcloudKodExplorer4.18affected
kodcloudKodExplorer4.19affected
kodcloudKodExplorer4.20affected
kodcloudKodExplorer4.21affected
kodcloudKodExplorer4.22affected
kodcloudKodExplorer4.23affected
kodcloudKodExplorer4.24affected
kodcloudKodExplorer4.25affected
kodcloudKodExplorer4.26affected
kodcloudKodExplorer4.27affected
kodcloudKodExplorer4.28affected
kodcloudKodExplorer4.29affected
kodcloudKodExplorer4.30affected
kodcloudKodExplorer4.31affected
kodcloudKodExplorer4.32affected
kodcloudKodExplorer4.33affected
kodcloudKodExplorer4.34affected
kodcloudKodExplorer4.35affected
kodcloudKodExplorer4.36affected
kodcloudKodExplorer4.37affected
kodcloudKodExplorer4.38affected
kodcloudKodExplorer4.39affected
kodcloudKodExplorer4.40affected
kodcloudKodExplorer4.41affected
kodcloudKodExplorer4.42affected
kodcloudKodExplorer4.43affected
kodcloudKodExplorer4.44affected
kodcloudKodExplorer4.45affected
kodcloudKodExplorer4.46affected
kodcloudKodExplorer4.47affected
kodcloudKodExplorer4.48affected
kodcloudKodExplorer4.49affected
kodcloudKodExplorer4.50affected
kodcloudKodExplorer4.51affected
kodcloudKodExplorer4.52affected

Weaknesses

  • CWE-22: Path Traversal

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References