Vulnerabilities

Report: CVE-2026-6570 - kodcloud KodExplorer systemMember.class.php initInstall authorization

2026-04-19 0 views admin

CVE ID :CVE-2026-6570 Published : April 19, 2026, 11 a.m. | 1 hour, 5 minutes ago Description :A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argument path results in authorization bypass. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-6570

Published

April 19, 2026

Affected Product: php

🏷️ Tags

reportkodcloudkodexplorersystemmemberclassinitinstallauthorizationpublishedcvecve-2026-6570

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-6570 - kodcloud KodExplorer systemMember.class.php initInstall authorization

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-6571 - kodcloud KodExplorer systemRole.class.php roleGroupAction authorization

Report: Ultimate Guide: CVE-2026-6572 - Collabora KodExplorer fileUpload Endpoint share.class.php improper authorization

Report: CVE-2026-6573 - PHPEMS Instant Exam Creation exams.master.php temppage server-side request forgery

Report: CVE-2026-6574 - osuuu LightPicture API Upload Endpoint lp.sql hard-coded credentials - Full Analysis

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting