CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

194 matches found

Camaleon CMS < 2.8.1 Arbitrary File Write to RCE

An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on depending on the permissions of the underlying filesystem. E.g. This can lead to a remote...

9.9CVSS6.5AI score0.92294EPSS

Exploits2References5

GithubExploit•added 2 days ago•48 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Tuzitio Camaleon_Cms

HTB Facts — Full Writeup Difficulty: Medium OS: Lin...

7.7CVSS5.9AI score0.44011EPSS

Exploits11

Packet Storm•added 2026/05/05 12:0 a.m.•29 views

📄 Camaleon CMS 2.9.0 Path Traversal

Camaleon CMS version 2.9.0 suffers from a path traversal vulnerability. Exploit Title: Camaleon CMS v2.9.0 - Path Traversal Date: 2026-02-02 Exploit Author: Sakshi Velampudi CyberQuestor Vendor Homepage: https://github.com/owen2345/camaleon-cms Software Link:...

7.7CVSS5.8AI score0.44011EPSS

Exploits11

Exploit DB•added 2026/04/30 12:0 a.m.•65 views

Camaleon CMS v2.9.0 - Path Traversal

Exploit Title: Camaleon CMS v2.9.0 - Path Traversal Date: 2026-02-02 Exploit Author: Sakshi Velampudi CyberQuestor Vendor Homepage: https://github.com/owen2345/camaleon-cms Software Link: https://github.com/owen2345/camaleon-cms/releases/tag/2.9.0 Version: = 2.9.0 Tested on: Linux CVE:...

7.7CVSS5.2AI score0.44011EPSS

Exploits11

GithubExploit•added 2026/04/24 10:13 p.m.•158 views

Exploit for CVE-2025-2304

HackTheBox — Facts Machine Writeup !HackTheBoxhttps://img...

9.4CVSS5.8AI score0.00206EPSS

Exploits15

Rapid7 Blog•added 2026/04/24 8:17 p.m.•5 views

Metasploit Wrap-Up 04/25/2026

Check Method Visibility Metasploit has supported check methods for many years now. It’s not always desirable to jump straight into exploiting a vulnerability but instead to determine if the target is vulnerable. Metasploit tries to be very conservative with classifying a target as “vulnerable”...

9.8CVSS9.1AI score0.61765EPSS

Exploits19

Packet Storm News•added 2026/04/21 12:0 a.m.•2 views

Camaleon CMS 2.9.1 Automated Admin Login, Version Detection, and Profile Update Script

This is a version detection and profile updating script for Camaleon CMS. It does not exploit any issue but can be useful for security testing to see if a vulnerable version is in use...

5.7AI score

Exploits0

Metasploit•added 2026/04/17 7:1 p.m.•198 views

Camaleon CMS Directory Traversal CVE-2024-46987

Exploits CVE-2024-46987, an authenticated directory traversal vulnerability in Camaleon CMS versions use auxiliary/gather/camaleondownloadprivatefile msf auxiliarycamaleondownloadprivatefile show actions ...actions... msf auxiliarycamaleondownloadprivatefile set ACTION msf...

7.7CVSS5.8AI score0.44011EPSS

Exploits11

Veracode•added 2026/03/14 5:28 a.m.•4 views

Camaleon CMS Vulnerable To Path Traversal Through AWS S3 Uploader Implementation

Camaleon CMS versions 2.4.5.0 through 2.9.1, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...

7.7CVSS5.9AI score0.44011EPSS

Exploits11Affected Software1

RedhatCVE•added 2026/03/11 7:8 a.m.•10 views

CVE-2026-1776

Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...

7.7CVSS5.8AI score0.44011EPSS

Exploits11References1

Github Security Blog•added 2026/03/10 9:31 a.m.•10 views

Camaleon CMS vulnerable to Path Traversal through AWS S3 uploader implementation

6.5CVSS5.8AI score0.00076EPSS

Exploits9References7Affected Software1

EUVD•added 2026/03/10 9:31 a.m.•0 views

EUVD-2026-10362

7.7CVSS5.8AI score0.44011EPSS

Exploits11References5

OSV•added 2026/03/10 9:31 a.m.•1 views

GHSA-JW5G-F64P-6X78 Camaleon CMS vulnerable to Path Traversal through AWS S3 uploader implementation

6.5CVSS5.8AI score0.00076EPSS

Exploits9References7

EUVD•added 2026/03/10 9:31 a.m.•0 views

EUVD-2026-10361

7.7CVSS5.8AI score0.44011EPSS

Exploits11References5

NVD•added 2026/03/10 7:38 a.m.•2 views

CVE-2026-1776

6.5CVSS0.00076EPSS

Exploits9References4

OSV•added 2026/03/10 7:38 a.m.•2 views

CVE-2026-1776

6CVSS5.8AI score

Exploits0References4

CNNVD•added 2026/03/10 12:0 a.m.•3 views

CAMALEON CMS 路径遍历漏洞

CAMALEON CMS is a dynamic advanced content management system developed by Owen Peredo Diaz. Versions of Camaleon CMS prior to 2.9.0 and versions before f54a77e contained a path traversal vulnerability. This vulnerability stems from path traversal in the AWS S3 uploader implementation, which could...

6.5CVSS5.8AI score0.00076EPSS

Exploits9References5

RubySec•added 2026/03/10 12:0 a.m.•53 views

Camaleon CMS vulnerable to Path Traversal through AWS S3 uploader implementation

6.5CVSS5.7AI score0.00076EPSS

Exploits9References1

Snyk•added 2026/03/09 10:39 p.m.•1 views

Directory Traversal

Overview camaleoncms is a dynamic and advanced content management system based on Ruby on Rails as an alternative to Wordpress. Affected versions of this package are vulnerable to Directory Traversal via the downloadprivatefile function when the application is configured to use the...

6.5CVSS6.3AI score0.00076EPSS

Exploits9References2

Vulnrichment•added 2026/03/09 9:8 p.m.•1 views

CVE-2026-1776 Camaleon CMS AWS Uploader Authenticated Path Traversal Arbitrary File Read

6CVSS5.8AI score0.00076EPSS

Exploits9References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by