kvf-admin 跨站脚本漏洞

kvf-admin is a rapid development framework, scaffolding, backend management system, permission system. kvf-admin cross-site scripting vulnerability , the vulnerability stems from the file / ueditor/upload?configPath=ueditor/config.json&action=uploadfile parameter upfile lack of effective filterin...

File upload vulnerability in OFCMS backend ueditor uploadFIle

OFCMS is a content management system developed based on java technology. There is a file upload vulnerability in OFCMS backend ueditor uploadFIle, which can be exploited by attackers to upload webshell and gain server privileges, posing information leakage and operational security risks...