exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2024-46987

больше 1 года назад

Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. A path traversal vulnerability accessible via MediaController's download_private_file method allows authenticated users to download any file on the web server Camaleon CMS is running on (depending on the file permissions). This issue may lead to Information Disclosure. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS3: 7.7

EPSS: Низкий

GHSA-cp65-5m9r-vc2c

больше 1 года назад

Camaleon CMS vulnerable to arbitrary path traversal (GHSL-2024-183)

CVSS3: 6.5

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2024-46987 Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. A path traversal vulnerability accessible via MediaController's download_private_file method allows authenticated users to download any file on the web server Camaleon CMS is running on (depending on the file permissions). This issue may lead to Information Disclosure. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.	CVSS3: 7.7	0% Низкий	больше 1 года назад
	GHSA-cp65-5m9r-vc2c Camaleon CMS vulnerable to arbitrary path traversal (GHSL-2024-183)	CVSS3: 6.5	0% Низкий	больше 1 года назад

Уязвимостей на страницу