Product
tuzitio camaleon cms
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-1776
CVE-2023-53936
CVE-2024-48652
CVE-2024-46987
CVE-2024-46986
CVE-2023-30145
CVE-2021-25972
CVE-2021-25971
CVE-2021-25970
CVE-2021-25969
CVE-2018-18260
>= 2.4.5 and <= 2.9.0
Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploade
all versions
Cameleon CMS 2.7.4 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject mal
all versions
Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group
>= 2.8.0 and < 2.8.2
Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. A path traversal vulnerability accessible
< 2.8.2
Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability acc
<= 2.7.0
Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter.
>= 2.1.2.0 and <= 2.6.0
In Camaleon CMS, versions 2.1.2.0 to 2.6.0, are vulnerable to Server-Side Request Forgery (SSRF) in the media upload feature, whic
>= 2.0.1 and <= 2.6.0
In Camaleon CMS, versions 2.0.1 to 2.6.0 are vulnerable to an Uncaught Exception. The app's media upload feature crashes permanent
>= 0.1.7 and <= 2.6.0
Camaleon CMS 0.1.7 to 2.6.0 doesn’t terminate the active session of the users, even after the admin changes the user’s passwor
>= 0.0.1 and <= 2.6.0
In Camaleon CMS application, versions 0.0.1 to 2.6.0 are vulnerable to stored XSS, that allows an unauthenticated attacker to stor
all versions
In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The profile image in the User settings section can be run in t