VulnerableCode Vulnerability Details - VCID-9pwj-kwvj-rkdf

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-9pwj-kwvj-rkdf

Essentials
Severities (4)
References (3)
Severity details (4)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-9pwj-kwvj-rkdf
Aliases	GHSA-3hp8-6j24-m5gm
Summary	Duplicate Advisory: Camaleon CMS vulnerable to remote code execution through code injection (GHSL-2024-185)
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-3hp8-6j24-m5gm
generic_textual	HIGH	https://github.com/owen2345/camaleon-cms
generic_textual	HIGH	https://github.com/owen2345/camaleon-cms/security/advisories/GHSA-7x4w-cj9r-h4v9
generic_textual	HIGH	https://github.com/rubysec/ruby-advisory-db/blob/master/gems/camaleon_cms/GHSA-7x4w-cj9r-h4v9.yml

Reference id	Reference type	URL
GHSA-3hp8-6j24-m5gm		https://github.com/advisories/GHSA-3hp8-6j24-m5gm
GHSA-7x4w-cj9r-h4v9		https://github.com/owen2345/camaleon-cms/security/advisories/GHSA-7x4w-cj9r-h4v9
GHSA-7x4w-cj9r-h4v9.yml		https://github.com/rubysec/ruby-advisory-db/blob/master/gems/camaleon_cms/GHSA-7x4w-cj9r-h4v9.yml

No exploits are available.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T20:36:04.360040+00:00	GHSA Importer	Import	https://github.com/advisories/GHSA-3hp8-6j24-m5gm	38.6.0