CVE-2022-42147

kkFileView 4.0 is vulnerable to Cross Site Scripting XSS via controller\ Filecontroller.java...

CVE-2022-43140

kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url paramete...

CVE-2022-40879

kkFileView v4.1.0 is vulnerable to Cross Site Scripting XSS via the parameter 'errorMsg.'...

CVE-2022-36593

kkFileView v4.0.0 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter at /controller/FileController.java...

CVE-2021-43734

kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host...

CVE-2025-4538

A vulnerability was found in kkFileView 4.4.0. It has been classified as critical. This affects an unknown part of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

CVE-2025-4538

A vulnerability was found in kkFileView 4.4.0. It has been classified as critical. This affects an unknown part of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

CVE-2025-4538 kkFileView fileUpload unrestricted upload

A vulnerability was found in kkFileView 4.4.0. It has been classified as critical. This affects an unknown part of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

CVE-2025-4538

KKFileView 4.4.0 is affected by CVE-2025-4538 due to improper handling of the File argument in the /fileUpload endpoint, enabling unrestricted file uploads. The vulnerability permits remote initiation and, per disclosures, an exploit exists in public.

CVE-2025-4538 kkFileView fileUpload unrestricted upload

A vulnerability was found in kkFileView 4.4.0. It has been classified as critical. This affects an unknown part of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

kkFileView 代码问题漏洞

kkFileView is Kaijing Technology kekingcn open source Spring-Boot based on a generic file online preview project . kkFileView 4.4.0 version of the code problem vulnerability , the vulnerability stems from the file/fileUpload in the parameter File of the wrong operation leads to arbitrary file...

PT-2025-20660 · Unknown · Kkfileview

Name of the Vulnerable Software and Affected Versions: kkFileView version 4.4.0 Description: A critical issue affects an unknown part of the file /fileUpload. The manipulation of the File argument leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

CVE-2023-48815

kkFileView v4.3.0 is vulnerable to Incorrect Access Control...

CVE-2023-48815

kkFileView v4.3.0 is vulnerable to Incorrect Access Control...

CVE-2023-48815

kkFileView v4.3.0 is vulnerable to Incorrect Access Control...

Improper access control

kkFileView v4.3.0 is vulnerable to Incorrect Access Control...

CVE-2023-48815

CVE-2023-48815 affects kkFileView v4.3.0 and is described as an Incorrect Access Control issue. The NVD entry provides CVSS 3.1: Network, Low Attack Complexity, No Privileges Required, User Interaction Required, Scope Changed, with Confidentiality and Integrity Impact Low, Availability Impact Non...

CVE-2023-48815

kkFileView v4.3.0 is vulnerable to Incorrect Access Control...

kkFileView Security Vulnerability

kkFileView is Kaijing Technology kekingcn open source Spring-Boot based on a generic file online preview project . kkFileView v4.3.0 version of a security vulnerability , the vulnerability stems from incorrect access control...

PT-2023-30966 · Unknown · Kkfileview

Name of the Vulnerable Software and Affected Versions: kkFileView version 4.3.0 Description: The issue is related to Incorrect Access Control. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited...