CVE-2026-6570 | kodcloud KodExplorer up to 4.52 systemMember.class.php initInstall path authorization

A vulnerability classified as problematic has been found in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argument path results in authorization bypass.

This vulnerability was named CVE-2026-6570. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More