Vulnerabilities > Keking > High

DATE CVE VULNERABILITY TITLE RISK
2022-11-17 CVE-2022-43140 Server-Side Request Forgery (SSRF) vulnerability in Keking Kkfileview 4.1.0
kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component cn.keking.web.controller.OnlinePreviewController#getCorsFile.
network
low complexity
keking CWE-918
7.5
7.5
2022-02-15 CVE-2021-43734 Path Traversal vulnerability in Keking Kkfileview 4.0.0
kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host.
network
low complexity
keking CWE-22
7.5
7.5