15Ara
CVE-2023-6850 | kalcaddle KodExplorer up to 4.51.03 API Endpoint path/file unrestricted upload
A vulnerability was found in kalcaddle KodExplorer up to 4.51.03. It has been declared as critical. This vulnerability affects unknown code of the file /index.php?pluginApp/to/yzOffice/getFile of the component API Endpoint Handler. The manipulation of the argument path/file leads to unrestricted upload. This vulnerability was named CVE-2023-6850. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.