CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-57451

ChestnutCMS <=1.5.0 has a directory traversal vulnerability in contentcore.controller.FileController#getFileList, which allows attackers to view any directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.6%

CVSS Severity

CVSS v3 Score 7.5

References

https://locrian-lightning-dc7.notion.site/Directory-traversal-1628e5e2b1a280fdb463c2235acc7f75

Products affected by CVE-2024-57451

1000mz » Chestnutcms » Version: 1.3.18

cpe:2.3:a:1000mz:chestnutcms:1.3.18
1000mz » Chestnutcms » Version: 1.3.19

cpe:2.3:a:1000mz:chestnutcms:1.3.19
1000mz » Chestnutcms » Version: 1.3.20

cpe:2.3:a:1000mz:chestnutcms:1.3.20
1000mz » Chestnutcms » Version: 1.3.21

cpe:2.3:a:1000mz:chestnutcms:1.3.21
1000mz » Chestnutcms » Version: 1.3.23

cpe:2.3:a:1000mz:chestnutcms:1.3.23
1000mz » Chestnutcms » Version: 1.3.24

cpe:2.3:a:1000mz:chestnutcms:1.3.24
1000mz » Chestnutcms » Version: 1.3.25

cpe:2.3:a:1000mz:chestnutcms:1.3.25
1000mz » Chestnutcms » Version: 1.4.0

cpe:2.3:a:1000mz:chestnutcms:1.4.0
1000mz » Chestnutcms » Version: 1.4.1

cpe:2.3:a:1000mz:chestnutcms:1.4.1
1000mz » Chestnutcms » Version: 1.4.2

cpe:2.3:a:1000mz:chestnutcms:1.4.2
1000mz » Chestnutcms » Version: 1.4.3

cpe:2.3:a:1000mz:chestnutcms:1.4.3
1000mz » Chestnutcms » Version: 1.4.4

cpe:2.3:a:1000mz:chestnutcms:1.4.4
1000mz » Chestnutcms » Version: 1.4.5

cpe:2.3:a:1000mz:chestnutcms:1.4.5
1000mz » Chestnutcms » Version: 1.5.0

cpe:2.3:a:1000mz:chestnutcms:1.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-57451

Products

Pricing

Contact Us