Main Vulnerability Database Exploits ID:12397 - Exploit for Permissions, Privileges, and Access Controls in Camaleon CMS - CVE-2025-2304

ID:12397 - Exploit for Permissions, Privileges, and Access Controls in Camaleon CMS - CVE-2025-2304

Published: February 13, 2026

Vulnerability identifier: #VU105805

Vulnerability risk: Medium

CVE-ID: CVE-2025-2304

CWE-ID: CWE-264

Exploitation vector: Remote access

Vulnerable software:
Camaleon CMS

Link to public exploit:

https://github.com/CsuriBird/CVE-2025-2304

Vulnerability description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to use of the dangerous permit! method, which allows all parameters to pass through without any filtering, leading to security restrictions bypass and privilege escalation.

Remediation

Install updates from vendor's website.

ID:12397 - Exploit for Permissions, Privileges, and Access Controls in Camaleon CMS - CVE-2025-2304

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human