A vulnerability was found in kodbox 1.26. It has been declared as critical. This vulnerability affects the function Execute of the file webconsole.php.txt of the component WebConsole Plug-In. The manipulation leads to os command injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-233476. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
5.5
EPSS Score
0.003
Published
2023-07-10
kodbox 1.2.x through 1.3.7 has a Sensitive Information Leakage issue.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-05-12
kodbox <= 1.37 is vulnerable to Cross Site Scripting (XSS) via the debug information.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-05-11
Page 2