8 matches found
CVE-2022-36593
kkFileView v4.0.0 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter at /controller/FileController.java...
Arbitrary file deletion
kkFileView v4.0.0 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter at /controller/FileController.java...
CVE-2022-36593
kkFileView v4.0.0 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter at /controller/FileController.java...
Cross site scripting
kkFileView v4.0.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...
CVE-2022-29349
kkFileView 4.0.0 is affected by CVE-2022-29349, with multiple XSS vulnerabilities exposed via the url/currentUrl parameters in /controller/OnlinePreviewController.java. The issue enables injection of script code into a victim’s browser, potentially enabling session hijacking, defacement, or leaka...
CVE-2021-43734
kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host...
CVE-2021-43734
kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host...
CVE-2021-43734
kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host...