CVE-2025-4258 | zhangyanbo2007 youkefu up to 4.2.0 MediaController.java upload imgFile unrestricted upload

A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2.0. Affected is the function Upload of the file youkefu-mastersrcmainjavacomukefuwebimwebhandlerresourceMediaController.java. The manipulation of the argument imgFile leads to unrestricted upload.

This vulnerability is traded as CVE-2025-4258. It is possible to launch the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More