VYPR
Vendor

Cskefu

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2026-2556MedFeb 16, 2026
    risk 0.41cvss 6.3epss 0.00

    A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoint. The manipulation of the argument url leads to server-side request forgery.…

  • CVE-2026-2557LowFeb 16, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com/cskefu/cc/controller/resource/MediaController.java of the component File Upload. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit…

  • CVE-2024-29402MedApr 16, 2024
    risk 0.21cvss 4.3epss 0.00

    cskefu v7 suffers from Insufficient Session Expiration, which allows attackers to exploit the old session for malicious activity.

  • CVE-2022-36521Aug 26, 2022
    risk 0.00cvss epss 0.01

    Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts.