Share
## https://sploitus.com/exploit?id=BDFED4FE-5563-559B-ABDF-4104B68CD3B4
# Exploit-for-CVE-2024-46987
Exploit for CVE-2024-46987

usage: requests1.py [-h] --url URL --username USERNAME --password PASSWORD --file FILE

Vulnerability Description

Camaleon CMS is a content management system built on Ruby on Rails.
A path traversal vulnerability in the MediaController (download_private_file method) allows an authenticated user to download arbitrary files from the server by manipulating file paths, depending on file permissions.

This can lead to information disclosure by exposing sensitive files on the server.

โš ๏ธ This exploit is provided for educational and research purposes only.