1 writeup
A Ruby on Rails app running Camaleon CMS 2.9.0 is compromised via mass-assignment privilege escalation to admin, then an LFI in the admin …