Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
KodExplorer Share Feature Allows Remote File Access
CVE-2026-6568
Summary
A weakness in KodExplorer's share feature allows hackers to access files outside of the intended path. This means they could read or modify sensitive data on your server. Update to KodExplorer version 4.53 or later to fix the issue.
Original title
A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share ...
Original description
A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Handler. This manipulation of the argument path causes path traversal. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-22
Path Traversal
Published: 19 Apr 2026 · Updated: 19 Apr 2026 · First seen: 19 Apr 2026