36 matches found
CVE-2026-2557
A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
CVE-2026-2556
A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack may be...
EUVD-2026-6089
A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack may be...
EUVD-2026-6088
A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
CVE-2026-2557
A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
CVE-2026-2557
A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
CVE-2026-2556
A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack may be...
CVE-2026-2556
A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack may be...
CVE-2026-2557 cskefu File Upload MediaController.java upload cross site scripting
A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
CVE-2026-2557
A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
CVE-2026-2557
CVE-2026-2557 affects cskefu up to 8.0.1. The vulnerability is in the Upload function of MediaController.java (package com/cskefu/cc/controller/resource/MediaController.java) where the file upload path allows cross-site scripting. The issue is triggered remotely and exploit code is public (PoC). ...
CVE-2026-2557 cskefu File Upload MediaController.java upload cross site scripting
A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
CVE-2026-2556 cskefu Endpoint MediaController.java server-side request forgery
A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack may be...
CVE-2026-2556 cskefu Endpoint MediaController.java server-side request forgery
A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack may be...
CVE-2026-2556
CVE-2026-2556 affects cskefu up to 8.0.1. A vulnerability in the Endpoint component arises from manipulation of the argument url in com/cskefu/cc/controller/resource/MediaController.java, leading to server-side request forgery (SSRF). The attack can be remote, and publicly disclosed exploits exis...
cskefu 安全漏洞
cskefu Chunsong Customer Service is an open-source, free intelligent customer service system developed by Chatopera in China. Versions of cskefu 8.0.1 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of the url parameter by the Endpoint component in...
PT-2026-8344
A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and...
PT-2026-8343
A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack may be...
EUVD-2022-39230
Malicious code in bioql PyPI...
CVE-2024-29402
cskefu v7 suffers from Insufficient Session Expiration, which allows attackers to exploit the old session for malicious activity...