104 matches found

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2024-53592

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.6 | EPSS 0.00835
Exploits: 1 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2024-53591

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.6 | EPSS 0.0054
Exploits: 1 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-53593

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.6 | EPSS 0.00375
Exploits: 1 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-16801

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.6 | EPSS 0.00409
Exploits: 1 | References: 5

RedhatCVE
added 2025/06/06 2:20 a.m. | 15 views

CVE-2025-5552

A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code of the file /dev-api/groovy/exec of the component API Endpoint. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been...

CVSS 6.5 | AI score 7.4 | EPSS 0.00409
Exploits: 1 | References: 1

NVD
added 2025/06/04 3:15 a.m. | 28 views

CVE-2025-5552

A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code of the file /dev-api/groovy/exec of the component API Endpoint. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been...

CVSS 8.8 | EPSS 0.00409
Exploits: 1 | References: 4

Vulnrichment
added 2025/06/04 2:0 a.m. | 9 views

CVE-2025-5552 ChestnutCMS API Endpoint exec deserialization

A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code of the file /dev-api/groovy/exec of the component API Endpoint. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been...

CVSS 6.5 | AI score 6.5 | EPSS 0.00409
Exploits: 1 | References: 4

Cvelist
added 2025/06/04 2:0 a.m. | 27 views

CVE-2025-5552 ChestnutCMS API Endpoint exec deserialization

A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code of the file /dev-api/groovy/exec of the component API Endpoint. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been...

CVSS 6.5 | EPSS 0.00409
Exploits: 1 | References: 4

CVE
added 2025/06/04 2:0 a.m. | 77 views

CVE-2025-5552

CVE-2025-5552 affects ChestnutCMS up to version 15.1, targeting the API Endpoint’s file /dev-api/groovy/exec. The issue is a deserialization vulnerability that can be exploited remotely; exploitation details have been publicly disclosed. Several connected sources confirm this, including Red Hat a...

CVSS 8.8 | AI score 6.5 | EPSS 0.00409
Exploits: 1 | References: 4 | Affected Software: 1

Positive Technologies
added 2025/06/04 12:0 a.m. | 4 views

PT-2025-23733 · Unknown · Chestnutcms

Name of the Vulnerable Software and Affected Versions: ChestnutCMS versions up to 15.1 Description: A critical issue has been found in the API Endpoint component, specifically affecting the /dev-api/groovy/exec file. This issue leads to deserialization and can be exploited remotely. The exploit h...

CVSS 6.5 | AI score 6.2 | EPSS 0.00409
Exploits: 1 | References: 8

CNNVD
added 2025/06/04 12:0 a.m. | 5 views

ChestnutCMS Code Issue Vulnerability

ChestnutCMS is a front-end and back-end separated enterprise-level content management system by individual developer liweiyi. A code issue vulnerability exists in ChestnutCMS 15.1 and earlier versions, which stems from a deserialization issue in API endpoint files...

CVSS 8.8 | AI score 6.7 | EPSS 0.00409
Exploits: 1 | References: 4

RedhatCVE
added 2025/05/23 9:10 a.m. | 3 views

CVE-2024-56828

File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was determined that the /api/member/avatar API endpoint receives a base64 string as input. This string is then passed to the memberService.uploadAvatarByBase64 method for processing. Within the service, the...

CVSS 9.8 | AI score 7 | EPSS 0.0085
Exploits: 1 | References: 1

RedhatCVE
added 2025/03/30 5:48 p.m. | 22 views

CVE-2025-2917

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been...

CVSS 7.5 | AI score 7.2 | EPSS 0.00704
Exploits: 1 | References: 1

OSV
added 2025/03/28 6:15 p.m. | 4 views

CVE-2025-2917

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been...

CVSS 7.5 | AI score 4.9 | EPSS 0.00704
Exploits: 1 | References: 5

NVD
added 2025/03/28 6:15 p.m. | 21 views

CVE-2025-2917

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been...

CVSS 7.5 | EPSS 0.00704
Exploits: 1 | References: 5

Cvelist
added 2025/03/28 5:31 p.m. | 32 views

CVE-2025-2917 ChestnutCMS read readFile path traversal

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been...

CVSS 5.3 | EPSS 0.00704
Exploits: 1 | References: 4

Vulnrichment
added 2025/03/28 5:31 p.m. | 14 views

CVE-2025-2917 ChestnutCMS read readFile path traversal

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been...

CVSS 5.3 | AI score 7.2 | EPSS 0.00704
Exploits: 1 | References: 4

CVE
added 2025/03/28 5:31 p.m. | 111 views

CVE-2025-2917

ChestnutCMS up to version 1.5.3 is affected by a path traversal vulnerability in the readFile function at /dev-api/cms/file/read. By manipulating the filePath argument, an attacker can traverse directories and potentially access sensitive files. The issue is exploitable remotely, and public explo...

CVSS 7.5 | AI score 7.2 | EPSS 0.00704
Exploits: 1 | References: 5 | Affected Software: 1

CNNVD
added 2025/03/28 12:0 a.m. | 3 views

ChestnutCMS Path Traversal Vulnerability

ChestnutCMS is a front-end and back-end separated enterprise-level content management system by individual developer liweiyi. A path traversal vulnerability exists in ChestnutCMS 1.5.3 and earlier versions, which originates from a path traversal in the readFile function and may be exploited...

CVSS 7.5 | AI score 4.9 | EPSS 0.00704
Exploits: 1 | References: 6

CNVD
added 2025/03/13 12:0 a.m. | 10 views

ChestnutCMS File Upload Vulnerability (CNVD-2025-05386)

ChestnutCMS is a front-end and back-end separated enterprise-level content management system. A file upload vulnerability exists in ChestnutCMS 1.5.2 and earlier versions, which stems from a lack of validation of uploaded files by the parameter file. An attacker can exploit this vulnerability to...

CVSS 7.6 | AI score 7.5 | EPSS 0.00322
Exploits: 1 | References: 1