Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ritecms ritecms vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2021-46367
RiteCMS version 3.1.0 and below suffers from a remote code execution vulnerability in the admin panel. An authenticated attacker can upload a PHP file and bypass the .htacess configuration to deny execution of .php files in media and files directory by default.
Ritecms Ritecms
9
CVSSv2
CVE-2020-23934
An issue exists in RiteCMS 2.2.1. An authenticated user can directly execute system commands by uploading a php web shell in the "Filemanager" section.
Ritecms Ritecms 2.2.1
1 Github repository
8.5
CVSSv2
CVE-2022-24248
RiteCMS version 3.1.0 and below suffers from an arbitrary file deletion via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated malicious user to delete any file in the web root (along with any other file on the server that the PHP pr...
Ritecms Ritecms
8.5
CVSSv2
CVE-2022-24247
RiteCMS version 3.1.0 and below suffers from an arbitrary file overwrite via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated malicious user to overwrite any file in the web root (along with any other file on the server that the PH...
Ritecms Ritecms
6.8
CVSSv2
CVE-2013-5316
Cross-site request forgery (CSRF) vulnerability in RiteCMS 1.0.0 allows remote malicious users to hijack the authentication of administrators for requests that change the administrator password via an edit user action to cms/index.php.
Ritecms Ritecms 1.0.0
1 EDB exploit
3.5
CVSSv2
CVE-2013-5317
Cross-site scripting (XSS) vulnerability in RiteCMS 1.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the mode parameter to cms/index.php.
Ritecms Ritecms 1.0.0
1 EDB exploit
NA
CVE-2024-28623
RiteCMS v3.0.0 exists to contain a cross-site scripting (XSS) vulnerability via the component main_menu/edit_section.
1 Github repository
NA
CVE-2023-44767
A File upload vulnerability in RiteCMS 3.0 allows a local malicious user to upload a SVG file with XSS content.
Ritecms Ritecms 3.0
NA
CVE-2023-43877
Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow malicious users to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu.
Ritecms Ritecms 3.0
NA
CVE-2023-43879
Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows malicious users to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu.
Ritecms Ritecms 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »