Keking: >> Kkfileview >> 4.0.0 Security Vulnerabilities
kkFileView 4.0 is vulnerable to Cross Site Scripting (XSS) via controller\ Filecontroller.java.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-10-17
kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via controller\OnlinePreviewController.java.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-17
kkFileView v4.0.0 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter at /controller/FileController.java.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-09-02
kkFileView v4.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url parameter at /controller/OnlinePreviewController.java.
CVSS Score
6.1
EPSS Score
0.027
Published
2022-05-25
kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host.
CVSS Score
7.5
EPSS Score
0.492
Published
2022-02-15