Vulnerability in N/a
CVE-2023-30145
Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter.
EPSS: 0.533 (98.0th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- portswigger.net/research/server-side-template-injection
- book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection
- drive.google.com/file/d/11MsSYqUnDRFjcwbQKJeL9Q8nWpgVYf2r/view
- github.com/paragbagul111/CVE-2023-30145
- packetstormsecurity.com/files/172593/Camaleon-CMS-2.7.0-Server-Side-Template-In…
Frequently asked questions
- What is CVE-2023-30145?
- CVE-2023-30145 is a vulnerability in N/a. Published 2023-05-26.
- Is CVE-2023-30145 known to be exploited?
- 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.