CVE-2024-57451

High CVSS: 7.5

ChestnutCMS <=1.5.0 has a directory traversal vulnerability in contentcore.controller.FileController#getFileList, which allows attackers to view any directory.

Vendor

1000mz

Product

Chestnutcms

CWE

CWE-22

Yayın Tarihi

2025-02-03 21:15:14

Güncelleme

2025-05-13 19:31:39

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-22 Chestnutcms HIGH 1000mz 2025

Referanslar

https://locrian-lightning-dc7.notion.site/Directory-traversal-1628e5e2b1a280fdb463c2235acc7f75

Benzer Kayıtlar

High

CVE-2025-70073

An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation…

Medium

CVE-2025-15009

A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExten…

Medium

CVE-2025-12923

A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownl…

Medium

CVE-2025-5552

A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknow…

Medium

CVE-2025-2917

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function rea…

Medium

CVE-2025-2032

A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function rename…