Vulners
Lucene search
CVE-2025-2917
๐๏ธย 28 Mar 2025ย 17:31:04Reported byย VulDBTypeย 
ย cve๐ย web.nvd.nist.gov๐ย 102ย Views๐ WEB
| Reporter | Title | Published | Views | Family All 8 |
|---|---|---|---|---|
 | CVE-2025-2917 | 28 Mar 202518:28 | โ | circl |
 | ChestnutCMS ่ทฏๅพ้ๅๆผๆด | 28 Mar 202500:00 | โ | cnnvd |
 | CVE-2025-2917 ChestnutCMS read readFile path traversal | 28 Mar 202517:31 | โ | cvelist |
 | EUVD-2025-8642 | 3 Oct 202520:07 | โ | euvd |
 | CVE-2025-2917 | 28 Mar 202518:15 | โ | nvd |
 | CVE-2025-2917 | 28 Mar 202518:15 | โ | osv |
 | CVE-2025-2917 | 30 Mar 202517:48 | โ | redhatcve |
 | CVE-2025-2917 ChestnutCMS read readFile path traversal | 28 Mar 202517:31 | โ | vulnrichment |
Node
[
{
"vendor": "n/a",
"product": "ChestnutCMS",
"versions": [
{
"version": "1.5.0",
"status": "affected"
},
{
"version": "1.5.1",
"status": "affected"
},
{
"version": "1.5.2",
"status": "affected"
},
{
"version": "1.5.3",
"status": "affected"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| filePath | query param | /dev-api/cms/file/read | Path traversal via readFile vulnerability in ChestnutCMS up to 1.5.3 allowing remote attacker to manipulate filePath to traverse filesystem. | CWE-22 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
09 Jun 2025 17:30Current
7.2High risk
Vulners AI Score7.2
CVSS 3.14.3 - 7.5
CVSS 24
CVSS 45.3
CVSS 34.3
EPSS0.00399
SSVC