ChestnutCMS
Products
2- 12 CVEs
- 0 CVEs
Recent CVEs
12| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-36458 | Cri | 0.64 | 9.8 | 0.00 | May 7, 2026 | ChestnutCMS v1.5.10 has a SQL injection vulnerability. The content parameter of the cms_content tag can be manipulated in the admin backend and injected into a SQL query when the template is rendered. | ||
| CVE-2024-57450 | Cri | 0.64 | 9.8 | 0.01 | Feb 3, 2025 | ChestnutCMS <=1.5.0 is vulnerable to File Upload via the Create template function. | ||
| CVE-2024-56828 | Cri | 0.64 | 9.8 | 0.01 | Jan 6, 2025 | File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was determined that the /api/member/avatar API endpoint receives a base64 string as input. This string is then passed to the memberService.uploadAvatarByBase64 method for processing. Within… | ||
| CVE-2024-57451 | Hig | 0.49 | 7.5 | 0.01 | Feb 3, 2025 | ChestnutCMS <=1.5.0 has a directory traversal vulnerability in contentcore.controller.FileController#getFileList, which allows attackers to view any directory. | ||
| CVE-2024-57452 | Hig | 0.49 | 7.5 | 0.00 | Feb 3, 2025 | ChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller.FileController, which allows attackers to delete any file and folder. | ||
| CVE-2025-15009 | Med | 0.41 | 6.3 | 0.00 | Dec 22, 2025 | A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExtension of the file /dev-api/common/upload of the component Filename Handler. Executing manipulation of the argument File can lead to unrestricted upload. The… | ||
| CVE-2025-5552 | Med | 0.41 | 6.3 | 0.00 | Jun 4, 2025 | A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code of the file /dev-api/groovy/exec of the component API Endpoint. The manipulation leads to deserialization. The attack can be initiated remotely. The… | ||
| CVE-2025-2031 | Med | 0.41 | 6.3 | 0.00 | Mar 6, 2025 | A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile of the file /dev-api/cms/file/upload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The… | ||
| CVE-2025-2917 | Med | 0.28 | 4.3 | 0.01 | Mar 28, 2025 | A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The… | ||
| CVE-2025-2032 | Low | 0.23 | 3.5 | 0.01 | Mar 6, 2025 | A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of the file /cms/file/rename. The manipulation of the argument rename leads to path traversal. The exploit has been disclosed to the public and may be… | ||
| CVE-2025-12923 | Low | 0.18 | 2.7 | 0.01 | Nov 10, 2025 | A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/common/download. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The… | ||
| CVE-2025-70073 | 0.00 | — | 0.01 | Feb 5, 2026 | An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function |
- risk 0.64cvss 9.8epss 0.00
ChestnutCMS v1.5.10 has a SQL injection vulnerability. The content parameter of the cms_content tag can be manipulated in the admin backend and injected into a SQL query when the template is rendered.
- risk 0.64cvss 9.8epss 0.01
ChestnutCMS <=1.5.0 is vulnerable to File Upload via the Create template function.
- risk 0.64cvss 9.8epss 0.01
File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was determined that the /api/member/avatar API endpoint receives a base64 string as input. This string is then passed to the memberService.uploadAvatarByBase64 method for processing. Within…
- risk 0.49cvss 7.5epss 0.01
ChestnutCMS <=1.5.0 has a directory traversal vulnerability in contentcore.controller.FileController#getFileList, which allows attackers to view any directory.
- risk 0.49cvss 7.5epss 0.00
ChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller.FileController, which allows attackers to delete any file and folder.
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExtension of the file /dev-api/common/upload of the component Filename Handler. Executing manipulation of the argument File can lead to unrestricted upload. The…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code of the file /dev-api/groovy/exec of the component API Endpoint. The manipulation leads to deserialization. The attack can be initiated remotely. The…
- risk 0.41cvss 6.3epss 0.00
A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile of the file /dev-api/cms/file/upload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The…
- risk 0.28cvss 4.3epss 0.01
A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of the file /dev-api/cms/file/read. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The…
- risk 0.23cvss 3.5epss 0.01
A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of the file /cms/file/rename. The manipulation of the argument rename leads to path traversal. The exploit has been disclosed to the public and may be…
- risk 0.18cvss 2.7epss 0.01
A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the file /dev-api/common/download. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The…
- CVE-2025-70073Feb 5, 2026risk 0.00cvss —epss 0.01
An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function