1000mz ChestnutCMS 1.5.2
Approved changes feed: RSS · Atom
cpe:2.3:a:1000mz:chestnutcms:1.5.2:*:*:*:*:*:*:*
part: a version: 1.5.2 update: *
| Vendor | 1000Mz (167c91fb-80a3-5255-98c5-8d627801c667) |
|---|---|
| Product | Chestnutcms (73cac130-a650-586d-940a-79d803db718e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/liweiyi/chestnutcms |
purl2cpe | 2026-06-01 10:16:26.815137 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-2032 |
vulnerable | 2026-06-08 07:14:57.797867 |
ChestnutCMS rename renameFile path traversal
LOW (3.5)
A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of the file /cms/file/rename. The manipulation of the argument rename leads to path traversal. The exploit has been disclosed to the public and may be used.
Published: 2025-03-06T16:31:04.530Z
Updated: 2025-03-12T21:12:05.980Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2031 |
vulnerable | 2026-06-08 07:14:57.797416 |
ChestnutCMS upload uploadFile unrestricted upload
MEDIUM (6.3)
A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile of the file /dev-api/cms/file/upload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-06T16:00:09.784Z
Updated: 2025-03-06T16:28:30.900Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.