5.1
KodExplorer 4.52 allows attackers to bypass security checks remotely
CVE-2026-6570
Summary
KodExplorer up to version 4.52 has an authorization bypass flaw in the initInstall function of /app/controller/systemMember.class.php. By manipulating the path argument, a remote attacker can bypass authorization checks and potentially access parts of the system they shouldn't be able to. KodExplorer users should update to the latest version to fix this issue.
Original title
A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the arg...
Original description
A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argument path results in authorization bypass. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
3.3
nvd CVSS3.1
2.7
nvd CVSS4.0
5.1
Vulnerability type
CWE-285
Improper Authorization
CWE-639
Authorization Bypass Through User-Controlled Key
Published: 19 Apr 2026 · Updated: 19 Apr 2026 · First seen: 19 Apr 2026