24 matches found
kkFileView 4.0.0 - Cross-Site Scripting
kkFileView 4.0.0 contains multiple cross-site scripting vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java. id: CVE-2022-29349 info: name: kkFileView 4.0.0 - Cross-Site Scripting author: arafatansari severity: medium description: | kkFileView 4.0.0...
EUVD-2022-45226
Malicious code in bioql PyPI...
CVE-2022-29349
kkFileView v4.0.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...
CVE-2022-43140
kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery SSRF via the component cn.keking.web.controller.OnlinePreviewControllergetCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url paramete...
CVE-2022-46934
kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...
EUVD-2022-49713
kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...
CVE-2022-46934
kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...
kkFileView 跨站脚本漏洞
Keking kkFileView is a Spring-Boot project to build online preview of documents by Keking Technology Keking. A security vulnerability exists in kkFileView v4.1.0, which stems from the /controller/OnlinePreviewController.java component's manipulation of the url parameter allowing an attacker to...
CVE-2022-46934
kkFileView v4.1.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...
CVE-2022-42149
kkFileView 4.0 is vulnerable to Server-side request forgery SSRF via controller\OnlinePreviewController.java...
Server side request forgery (ssrf)
kkFileView 4.0 is vulnerable to Server-side request forgery SSRF via controller\OnlinePreviewController.java...
CVE-2022-42149
kkFileView 4.0 is vulnerable to Server-side request forgery SSRF via controller\OnlinePreviewController.java...
CVE-2022-42149
kkFileView 4.0 is vulnerable to Server-side request forgery SSRF via controller\OnlinePreviewController.java...
CVE-2022-35151
kkFileView v4.1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java...
CVE-2022-35151
kkFileView v4.1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java...
Cross site scripting
kkFileView v4.1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java...
CVE-2022-35151
CVE-2022-35151 for kkFileView 4.1.0 : Multiple cross-site scripting vulnerabilities via the urls and currentUrl parameters in /controller/OnlinePreviewController.java. Public sources describe the impact as executing malicious scripts in the victim’s browser, potentially enabling data theft or ses...
CVE-2022-35151
kkFileView v4.1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java...
kkFileView 跨站脚本漏洞
Keking kkFileView is a Spring-Boot project for online previewing of documents by Keking Technology Keking. A cross-site scripting vulnerability exists in kkFileView v4.1.0, which originates from multiple cross-site scripts in the urls and currentUrl parameters of the...
CVE-2022-29349
kkFileView v4.0.0 was discovered to contain a cross-site scripting XSS vulnerability via the url parameter at /controller/OnlinePreviewController.java...