CVE-2022-4944

MEDIUM

Kodcloud Kodexplorer < 4.49 - CSRF

Title source: rule

Description

A vulnerability, which was classified as problematic, has been found in kalcaddle KodExplorer up to 4.49. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.50 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227000.

Exploits (3)

exploitdb WORKING POC

by Mr Empy · pythonwebappsphp

https://www.exploit-db.com/exploits/51388

View Code ZIP pw:eip

nomisec WORKING POC 2 stars

by brosck · poc

https://github.com/brosck/CVE-2022-4944

View Code ZIP pw:eip

inthewild WORKING POC

poc

https://github.com/mrempy/cve-2022-4944

View Code ZIP pw:eip

References (5)

[Issue Tracking, Third Party Advisory] https://github.com/kalcaddle/KodExplorer/issues/512

[Release Notes] https://github.com/kalcaddle/KodExplorer/releases/tag/4.50

[Third Party Advisory] https://vuldb.com/?ctiid.227000

[Third Party Advisory] https://vuldb.com/?id.227000

[Exploit] https://www.mediafire.com/file/709i2vxybergtg7/poc.zip/file

Scores

CVSS v3 4.3

EPSS 0.0232

EPSS Percentile 84.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Details

CWE

CWE-352

Status published

Products (1)

kodcloud/kodexplorer < 4.49

Published Apr 22, 2023

Tracked Since Feb 18, 2026