CVE-2025-2031 | ChestnutCMS up to 1.5.2 /dev-api/cms/file/upload uploadFile file unrestricted upload

Inserito da Angelo Barbosa | Mar 6, 2025 | CVE

A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile of the file /dev-api/cms/file/upload. The manipulation of the argument file leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2025-2031. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-2031 | ChestnutCMS up to 1.5.2 /dev-api/cms/file/upload uploadFile file unrestricted upload

Post correlati

CVE-2022-49265 | Linux Kernel up to 5.15.32/5.16.18/5.17.1 genpd_debug_remove stack-based overflow

CVE-2024-20088 | MediaTek MT8796 Keyinstall out-of-bounds (MSV-1543 / ALPS08932099)

CVE-2024-7005 | Google Chrome up to 126.0.6478.182 Safe Browsing Privilege Escalation

CVE-2024-32955 | Foliovision FV Flowplayer Video Player Plugin up to 7.5.43.7212 on WordPress server-side request forgery