6 matches found
CVE-2025-4260
A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file m\web\handler\admin\system\TemplateController.java. The manipulation of the argument dataFile leads to deserialization. The attack may be...
CVE-2025-4260
CVE-2025-4260 affects youkefu by zhangyanbo2007 up to version 4.2.0. The vulnerability is in the function impsave of TemplateController.java (path m/web/handler/admin/system/TemplateController.java). The issue arises from manipulating the argument dataFile, which leads to a deserialization vulner...
CVE-2025-4258
CVE-2025-4258 affects zhangyanbo2007 Youkefu up to version 4.2.0. The issue is in the Upload function of MediaController.java (path youkefu-master/src/main/java/com/ukefu/webim/web/handler/resource/MediaController.java) where manipulating the imgFile argument leads to unrestricted file upload. Th...
PT-2025-19335 · Unknown · Zhangyanbo2007 Youkefu
Name of the Vulnerable Software and Affected Versions: zhangyanbo2007 youkefu version 4.2.0 and earlier Description: A vulnerability was found in the function impsave of the file mwebhandleradminsystemTemplateController.java. The manipulation of the argument dataFile leads to deserialization. The...
CVE-2025-2997
A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical. Affected is an unknown function of the file /res/url. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been...
youkefu 代码问题漏洞
youkefu is a customer service support application by the individual developer zhangyanbo2007. A code issue vulnerability exists in youkefu version 4.2.0, which stems from an incorrect manipulation of the parameter url that can lead to server-side request forgery...