104 matches found
EUVD-2024-53592
Malicious code in bioql PyPI...
EUVD-2024-53591
Malicious code in bioql PyPI...
EUVD-2024-53593
Malicious code in bioql PyPI...
EUVD-2025-16801
Malicious code in bioql PyPI...
CVE-2025-5552
A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code of the file /dev-api/groovy/exec of the component API Endpoint. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been...
CVE-2025-5552 ChestnutCMS API Endpoint exec deserialization
A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code of the file /dev-api/groovy/exec of the component API Endpoint. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been...
CVE-2025-5552
CVE-2025-5552 affects ChestnutCMS up to version 15.1, targeting the API Endpoint’s file /dev-api/groovy/exec. The issue is a deserialization vulnerability that can be exploited remotely; exploitation details have been publicly disclosed. Several connected sources confirm this, including Red Hat a...
PT-2025-23733 · Unknown · Chestnutcms
Name of the Vulnerable Software and Affected Versions: ChestnutCMS versions up to 15.1 Description: A critical issue has been found in the API Endpoint component, specifically affecting the /dev-api/groovy/exec file. This issue leads to deserialization and can be exploited remotely. The exploit h...
ChestnutCMS Code Issue Vulnerability
ChestnutCMS is an enterprise-level content management system with separated front end and back end, developed by the individual developer liweiyi. A code issue vulnerability exists in ChestnutCMS 15.1 and earlier versions, which stems from a deserialization issue in API endpoint files...
CVE-2024-56828
File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was determined that the /api/member/avatar API endpoint receives a base64 string as input. This string is then passed to the memberService.uploadAvatarByBase64 method for processing. Within the service, the...
CVE-2025-2917
A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-2917 ChestnutCMS read readFile path traversal
A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-2917
ChestnutCMS up to version 1.5.3 is affected by a path traversal vulnerability in the readFile function at /dev-api/cms/file/read. By manipulating the filePath argument, an attacker can traverse directories and potentially access sensitive files. The issue is exploitable remotely, and public explo...
ChestnutCMS Path Traversal Vulnerability
ChestnutCMS is an enterprise-level content management system with separated front end and back end, developed by the individual developer liweiyi. A path traversal vulnerability exists in ChestnutCMS 1.5.3 and earlier versions, which originates from a path traversal in the readFile function and may be exploited...
ChestnutCMS File Upload Vulnerability (CNVD-2025-05386)
ChestnutCMS is a front-end and back-end separated enterprise-level content management system. A file upload vulnerability exists in ChestnutCMS 1.5.2 and earlier versions, which stems from a lack of validation of uploaded files by the parameter file. An attacker can exploit this vulnerability to...