161 matches found
CVE-2025-67171
Incorrect access control in the /templates/ component of RiteCMS v3.1.0 allows attackers to access sensitive files via directory traversal...
CVE-2025-67173
A Cross-Site Request Forgery CSRF in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request...
CVE-2025-67174
A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...
CVE-2025-67168
RiteCMS v3.1.0 was discovered to use insecure encryption to store passwords...
CVE-2025-67172
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the parsespecialtags function...
PT-2025-51865
A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the admin language file and default page language file in the admin.php component...
CVE-2025-67172
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the parsespecialtags function...
RiteCMS 安全漏洞
RiteCMS is an open source content management system based on php and sqlite. RiteCMS suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web...
CVE-2025-67168
RiteCMS v3.1.0 was discovered to use insecure encryption to store passwords...
CVE-2025-67173
A Cross-Site Request Forgery CSRF in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request...
CVE-2025-67170
A reflected cross-site scripting XSS vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...
CVE-2025-67171
Incorrect access control in the /templates/ component of RiteCMS v3.1.0 allows attackers to access sensitive files via directory traversal...
CVE-2025-67172
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the parsespecialtags function...
CVE-2025-67168
RiteCMS v3.1.0 was discovered to use insecure encryption to store passwords...
CVE-2025-67170
A reflected cross-site scripting XSS vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...
CVE-2025-67173
A Cross-Site Request Forgery CSRF in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request...
CVE-2025-67174
A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...
RiteCMS 安全漏洞
RiteCMS is an open source content management system based on php and sqlite. RiteCMS has a cross-site request forgery vulnerability, the vulnerability stems from the page creation and editing functions do not adequately verify whether the request comes from a trusted user, an attacker can use thi...
PT-2025-51857
A Cross-Site Request Forgery CSRF in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request...
CVE-2025-67172
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the parsespecialtags function...