Camaleon Cms Security Vulnerabilities and Issues — Camaleon Cms CVE List

Lucene search

TuzitioCamaleon Cms

3 matches found

CVE•added 2021/10/20 12:15 p.m.•46 views

CVE-2021-25971

In Camaleon CMS, versions 2.0.1 to 2.6.0 are vulnerable to an Uncaught Exception. The app's media upload feature crashes permanently when an attacker with a low privileged access uploads a specially crafted .svg file

4.3CVSS4.4AI score0.00389EPSS

CVE•added 2021/10/20 12:15 p.m.•39 views

CVE-2021-25972

In Camaleon CMS, versions 2.1.2.0 to 2.6.0, are vulnerable to Server-Side Request Forgery (SSRF) in the media upload feature, which allows admin users to fetch media files from external URLs but fails to validate URLs referencing to localhost or other internal servers. This allows attackers to read...

4.9CVSS4.9AI score0.00324EPSS

CVE•added 2024/10/22 10:15 p.m.•35 views

CVE-2024-48652

Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field.

4.8CVSS7.4AI score0.04364EPSS