Vulnerabilities > Keking > Kkfileview > 4.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-17 | CVE-2022-42147 | Cross-site Scripting vulnerability in Keking Kkfileview 4.0.0 kkFileView 4.0 is vulnerable to Cross Site Scripting (XSS) via controller\ Filecontroller.java. | 6.1 |
| 2022-10-17 | CVE-2022-42149 | Server-Side Request Forgery (SSRF) vulnerability in Keking Kkfileview 4.0.0 kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via controller\OnlinePreviewController.java. | 9.8 |
| 2022-05-25 | CVE-2022-29349 | Cross-site Scripting vulnerability in Keking Kkfileview 4.0.0 kkFileView v4.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url parameter at /controller/OnlinePreviewController.java. | 4.3 |
| 2022-02-15 | CVE-2021-43734 | Path Traversal vulnerability in Keking Kkfileview 4.0.0 kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host. | 5.0 |