CNNVD-202509-4100 Information

CNNVD ID

CNNVD-202509-4100

Related CVE

CVE-2025-11016

• CNNVD Published: 2025-09-26

Description (Chinese)

kodbox是warlee个人开发者的一个网络文件管理器。 kodbox 1.61.09及之前版本存在路径遍历漏洞，该漏洞源于对文件app/controller/explorer/index.class.php中函数fileOut的参数path的错误操作，可能导致路径遍历攻击。

Description (English)

kodbox is a web file manager for individual warlee developers. kodbox 1.61.09 and previous versions have path-to-path loopholes, which result from the error of the parameter path for function fileapp/controller/explorer/index.class.php, which could lead to a path-to-path attack.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

LitexMedia

Published

2025-09-26

Last Modified

2026-02-24

References

https://github.com/August829/YU1/issues/3 https://github.com/August829/YU1/issues/3#issue-3416620392 https://vuldb.com/?ctiid.325959 https://vuldb.com/?id.325959 https://vuldb.com/?submit.654367 https://access.redhat.com/security/cve/cve-2025-11016