Product
1000mz chestnutcms
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-70073
CVE-2025-15009
CVE-2025-12923
CVE-2025-5552
CVE-2025-2917
CVE-2025-2032
CVE-2025-2031
CVE-2024-57451
CVE-2024-57452
CVE-2024-57450
CVE-2024-56828
<= 1.5.8
An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function
<= 1.5.8
A flaw has been found in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function FilenameUtils.getExtension of th
<= 1.5.8
A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the function resourceDownload of the
all versions
A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code of
<= 1.5.3
A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3. Affected is the function readFile of t
all versions
A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of th
all versions
A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile of the file
<= 1.5.0
ChestnutCMS <=1.5.0 has a directory traversal vulnerability in contentcore.controller.FileController#getFileList, which allows att
<= 1.5.0
ChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller.FileController, which allows attackers
<= 1.5.0
ChestnutCMS <=1.5.0 is vulnerable to File Upload via the Create template function.
<= 1.5.0
File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was determined that the /api/member/avatar