Chestnutcms@* Security Vulnerabilities and Issues — Chestnutcms@* CVE List

Lucene search

1000mzChestnutcms*

5 matches found

CVE•added 2025/03/28 6:15 p.m.•90 views

CVE-2025-2917

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been dis...

7.5CVSS7.2AI score0.001EPSS

CVE•added 2025/01/06 6:15 p.m.•78 views

CVE-2024-56828

File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was determined that the /api/member/avatar API endpoint receives a base64 string as input. This string is then passed to the memberService.uploadAvatarByBase64 method for processing. Within the service, the base6...

9.8CVSS7.3AI score0.0008EPSS

CVE•added 2025/02/03 8:15 p.m.•67 views

CVE-2024-57450

ChestnutCMS

9.8CVSS6.6AI score0.00256EPSS

CVE•added 2025/02/03 9:15 p.m.•64 views

CVE-2024-57451

ChestnutCMS

7.5CVSS7AI score0.00277EPSS

CVE•added 2025/02/03 8:15 p.m.•42 views

CVE-2024-57452

ChestnutCMS

7.5CVSS6.7AI score0.00089EPSS