Chestnutcms Security Vulnerabilities and Issues — Chestnutcms CVE List

Lucene search

1000mzChestnutcms

3 matches found

CVE•added 2025/03/28 6:15 p.m.•90 views

CVE-2025-2917

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been dis...

7.5CVSS7.2AI score0.001EPSS

CVE•added 2025/03/06 4:15 p.m.•77 views

CVE-2025-2031

A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile of the file /dev-api/cms/file/upload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been discl...

7.6CVSS7.2AI score0.00027EPSS

CVE•added 2025/03/06 5:15 p.m.•43 views

CVE-2025-2032

A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of the file /cms/file/rename. The manipulation of the argument rename leads to path traversal. The exploit has been disclosed to the public and may be used.

5.1CVSS7.1AI score0.00025EPSS