KodExplorer 4.52 Open Redirect
KodExplorer 4.52 has an open redirect vulnerability: an attacker can craft a malicious URL that redirects the user to a specified website after login. 2025-5-5 20:56:40 Author: cxsecurity.com

# Exploit Title: KodExplorer 4.52 - Open Redirect
# Date: 2024-11-08
# Exploit Author: Rahad Chowdhury
# Vendor Homepage: https://kodcloud.com/
# Software Link: https://github.com/kalcaddle/KodExplorer/releases/tag/4.52
# Version: 4.52
# Tested on: Windows 10, PHP 8.2.4, Apache 2.4.56

*Steps to Reproduce:*

1. First, visit this URL: http://target.com/index.php?user/login&link=
2. Then put any malicious URL in the link parameter.
3. Your link will look like: http://target.com/index.php?user/login&link=https://{site}.com
4. Log in to your account and you will be redirected to the malicious URL.
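A defender-side check for the request pattern in the steps above, added here as an example and not taken from the advisory or from KodExplorer's code: it scans web server access logs for `user/login` requests whose `link` value would take the browser off the site. The combined log format, the host names and the sample log lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Request line of a combined-format access log entry: "METHOD target HTTP/x"
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def is_external_link(link, own_hosts):
    """True if following `link` would take the browser off own_hosts."""
    # Browsers read "\" as "/" and drop tabs/newlines, so normalise first.
    cleaned = re.sub(r"[\t\r\n]", "", link.strip()).replace("\\", "/")
    try:
        parts = urlsplit(cleaned)
    except ValueError:      # malformed authority, e.g. a broken IPv6 literal
        return True
    if parts.scheme and (parts.scheme not in ("http", "https") or not parts.netloc):
        return True         # non-web scheme, or a scheme with no host part
    if parts.netloc:        # absolute or scheme-relative ("//host/path")
        return (parts.hostname or "").lower() not in own_hosts
    return False            # plain relative path stays on the site

def flag_login_redirects(log_lines, own_hosts):
    """Return (line_number, link) for login requests whose link leaves own_hosts."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = match.group(1).partition("?")[2]
        if "user/login" not in query.split("&"):
            continue        # not the login route named in the advisory
        for link in parse_qs(query).get("link", []):
            if is_external_link(link, own_hosts):
                hits.append((number, link))
    return hits

# Constructed sample data: hosts and log lines are made up for this example.
OWN_HOSTS = {"files.example.org"}
SAMPLE_LOG = [
    '203.0.113.7 - - [05/May/2025:20:10:01 +0000] "GET /index.php?user/login&link=https://phish.example.net/kod HTTP/1.1" 200 5120',
    '198.51.100.4 - - [05/May/2025:20:11:14 +0000] "GET /index.php?user/login&link=%2F%5Cphish.example.net HTTP/1.1" 200 5120',
    '198.51.100.9 - - [05/May/2025:20:12:30 +0000] "GET /index.php?user/login&link=https://files.example.org/index.php%3Fexplorer HTTP/1.1" 200 5120',
    '198.51.100.9 - - [05/May/2025:20:12:41 +0000] "GET /index.php?user/login HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for number, link in flag_login_redirects(SAMPLE_LOG, OWN_HOSTS):
        print(f"line {number}: login redirect leaves the site -> {link}")
```

The same `is_external_link` test, applied server-side to the `link` value before the post-login redirect is issued, is the usual shape of a fix for this class of bug.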



 



Source: https://cxsecurity.com/issue/WLB-2025050013