3 matches found
Camaleon CMS < 2.8.1 Arbitrary File Write to RCE
An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on depending on the permissions of the underlying filesystem. E.g. This can lead to a remote...
CVE-2024-46986
creationtimestamp| type| source ---|---|--- 2024-09-18 20:55:56+00:00| seen| https://t.me/cvedetector/6006 2025-05-22 22:16:05+00:00| published-proof-of-concept| https://t.me/informationsecuritychannel/53596...
CVE-2024-46986 Arbitrary file write leading to RCE in Camaleon CMS
Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on...