Vulnerabilities > Kodcloud > Kodbox > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2023-39691 Unspecified vulnerability in Kodcloud Kodbox
An issue discovered in kodbox through 1.43 allows attackers to arbitrarily add Administrator accounts via crafted GET request.
network
low complexity
kodcloud
critical
 9.8
9.8
2023-12-16 CVE-2023-6849 Server-Side Request Forgery (SSRF) vulnerability in Kodcloud Kodbox
A vulnerability was found in kalcaddle kodbox up to 1.48.
network
low complexity
kodcloud CWE-918
critical
 9.8
9.8
2023-12-16 CVE-2023-6848 Command Injection vulnerability in Kodcloud Kodbox
A vulnerability was found in kalcaddle kodbox up to 1.48.
network
low complexity
kodcloud CWE-77
critical
 9.8
9.8
2023-11-18 CVE-2023-48028 Improper Restriction of Excessive Authentication Attempts vulnerability in Kodcloud Kodbox 1.46.01
kodbox 1.46.01 has a security flaw that enables user enumeration.
network
low complexity
kodcloud CWE-307
critical
 9.8
9.8