CVE-2025-2032

Medium CVSS: 5.1

A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of the file /cms/file/rename. The manipulation of the argument rename leads to path traversal. The exploit has been disclosed to the public and may be used.

Vendor

1000mz

Product

Chestnutcms

CWE

CWE-22

Yayın Tarihi

2025-03-06 17:15:24

Güncelleme

2025-05-12 20:43:29

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-22 Chestnutcms MEDIUM 1000mz 2025

Referanslar

https://github.com/IceFoxH/VULN/issues/7 https://vuldb.com/?ctiid.298774 https://vuldb.com/?id.298774 https://vuldb.com/?submit.512030

Benzer Kayıtlar

High

CVE-2025-70073

An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation…

Medium

CVE-2025-15009

A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExten…

Medium

CVE-2025-12923

A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownl…

Medium

CVE-2025-5552

A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknow…

Medium

CVE-2025-2917

A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function rea…

Medium

CVE-2025-2031

A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile o…