CVE-2023-39691
CRITICALDescription
An issue discovered in kodbox through 1.43 allows attackers to arbitrarily add Administrator accounts via crafted GET request.
Is your site exposed to CVE-2023-39691?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| kodcloud | kodbox |
References
Frequently Asked Questions
What is CVE-2023-39691? +
How severe is CVE-2023-39691? +
What products are affected by CVE-2023-39691? +
How do I check if I'm vulnerable to CVE-2023-39691? +
Related Vulnerabilities
A security vulnerability has been detected in kalcaddle kodbox 1.61. This affects the function fileGet/fileSave of the file app/controller/explorer/editor.class.php. The …
KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. …
kodbox v1.43 was discovered to contain a cross-site scripting (XSS) vulnerability via the operation and login logs.
kodbox v1.49.04 was discovered to contain a cross-site scripting (XSS) vulnerability via the URL parameter.
An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in …
A vulnerability was found in kalcaddle kodbox 1.61. Affected by this vulnerability is an unknown functionality of the file /?explorer/upload/serverDownload …