Lucene search

4 matches found

Vulnrichment
added 2025/03/28 5:31 p.m., 14 views

CVE-2025-2917 ChestnutCMS read readFile path traversal

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been...

CVSS 5.3, AI score 7.2, EPSS 0.00704
Exploits: 1, References: 4
Cvelist
added 2025/03/28 5:31 p.m., 28 views

CVE-2025-2917 ChestnutCMS read readFile path traversal

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been...

CVSS 5.3, EPSS 0.00704
Exploits: 1, References: 4
ATTACKERKB
added 2022/04/25 4:16 p.m., 4 views

CVE-2022-1390

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a...

CVSS 9.8, AI score 7.9, EPSS 0.22133
Exploits: 2, References: 4
OSV
added 2022/04/25 4:16 p.m., 5 views

CVE-2022-1390

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a...

CVSS 9.8, AI score 5.9, EPSS 0.22133
Exploits: 2, References: 2