104 matches found
CVE-2025-15009
A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExtension of the file /dev-api/common/upload of the component Filename Handler. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launche...
CVE-2025-15009 liweiyi ChestnutCMS Filename upload FilenameUtils.getExtension unrestricted upload
A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExtension of the file /dev-api/common/upload of the component Filename Handler. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launche...
CVE-2025-15009 liweiyi ChestnutCMS Filename upload FilenameUtils.getExtension unrestricted upload
A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExtension of the file /dev-api/common/upload of the component Filename Handler. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launche...
EUVD-2025-204682
A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExtension of the file /dev-api/common/upload of the component Filename Handler. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launche...
CVE-2025-15009
The CVE-2025-15009 entry affects liweiyi ChestnutCMS up to version 1.5.8, specifically the Filename Handler’s FilenameUtils.getExtension function in /dev-api/common/upload. The vulnerability arises from how the File argument is manipulated, enabling unrestricted remote file uploads. Multiple sour...
ChestnutCMS 代码问题漏洞
ChestnutCMS is a front-end and back-end separated enterprise-level content management system by liweiyi individual developers. A code issue vulnerability exists in liweiyi ChestnutCMS 1.5.8 and earlier versions, which stems from the incorrect operation of the parameter File in the file...
PT-2025-52621
Name of the Vulnerable Software and Affected Versions liweiyi ChestnutCMS versions up to 1.5.8 Description A flaw exists in liweiyi ChestnutCMS up to version 1.5.8. This issue affects the FilenameUtils.getExtension function within the Filename Handler component, located in the file...
CVE-2025-12923
A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/common/download. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The exploit has been...
CVE-2025-12923
A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/common/download. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The exploit has been...
CVE-2025-12923
A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/common/download. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The exploit has been...
CVE-2025-12923 liweiyi ChestnutCMS download resourceDownload path traversal
A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/common/download. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The exploit has been...
CVE-2025-12923 liweiyi ChestnutCMS download resourceDownload path traversal
A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/common/download. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The exploit has been...
EUVD-2025-38723
A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/common/download. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The exploit has been...
CVE-2025-12923
CVE-2025-12923 affects liweiyi ChestnutCMS up to 1.5.8. The vulnerability is in the resourceDownload function under /dev-api/common/download, where manipulation of the path parameter enables path traversal. The issue can be exploited remotely and the exploit has been publicly disclosed. Affected ...
ChestnutCMS 路径遍历漏洞
ChestnutCMS is a front-end and back-end separated enterprise-level content management system by liweiyi individual developer. A path traversal vulnerability exists in ChestnutCMS 1.5.8 and earlier versions, which stems from incorrect manipulation of the parameter path in the file...
PT-2025-45585
A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/common/download. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The exploit has been...
EUVD-2024-53439
Malicious code in bioql PyPI...
EUVD-2025-8642
Malicious code in bioql PyPI...
EUVD-2025-6210
Malicious code in bioql PyPI...
EUVD-2024-53591
Malicious code in bioql PyPI...