CVE-2024-57452

High CVSS: 7.5

ChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller.FileController, which allows attackers to delete any file and folder.

Vendor

1000mz

Product

Chestnutcms

CWE

CWE-552

Yayın Tarihi

2025-02-03 20:15:34

Güncelleme

2025-05-13 19:39:27

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-552 Chestnutcms HIGH 1000mz 2025

Referanslar

https://locrian-lightning-dc7.notion.site/File-Delete-1628e5e2b1a280cfb497de7b8bcff128 https://locrian-lightning-dc7.notion.site/File-Delete-1628e5e2b1a280cfb497de7b8bcff128

Benzer Kayıtlar

High

CVE-2025-70073

An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation…

Medium

CVE-2025-15009

A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExten…

Medium

CVE-2025-12923

A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownl…

Medium

CVE-2025-5552

A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknow…

Medium

CVE-2025-2917

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function rea…

Medium

CVE-2025-2032

A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function rename…