Lucene search
K

161 matches found

NVD
NVD
added 2025/12/17 7:16 p.m.6 views

CVE-2025-67171

Incorrect access control in the /templates/ component of RiteCMS v3.1.0 allows attackers to access sensitive files via directory traversal...

7.5CVSS0.00687EPSS
Exploits1References2
NVD
NVD
added 2025/12/17 7:16 p.m.6 views

CVE-2025-67173

A Cross-Site Request Forgery CSRF in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request...

6.8CVSS0.00159EPSS
Exploits1References2
NVD
NVD
added 2025/12/17 7:16 p.m.8 views

CVE-2025-67174

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...

7.5CVSS0.01098EPSS
Exploits1References4
NVD
NVD
added 2025/12/17 7:16 p.m.7 views

CVE-2025-67168

RiteCMS v3.1.0 was discovered to use insecure encryption to store passwords...

5.3CVSS0.00125EPSS
Exploits1References3
NVD
NVD
added 2025/12/17 6:15 p.m.9 views

CVE-2025-67172

RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the parsespecialtags function...

7.2CVSS0.00773EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.8 views

PT-2025-51865

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the admin language file and default page language file in the admin.php component...

6.6AI score0.01098EPSS
Exploits1References5
OSV
OSV
added 2025/12/17 12:0 a.m.8 views

CVE-2025-67172

RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the parsespecialtags function...

7.2CVSS8.4AI score0.00773EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.6 views

RiteCMS 安全漏洞

RiteCMS is an open source content management system based on php and sqlite. RiteCMS suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web...

6.1CVSS5.9AI score0.00218EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.4 views

CVE-2025-67168

RiteCMS v3.1.0 was discovered to use insecure encryption to store passwords...

6.8AI score0.00125EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.3 views

CVE-2025-67173

A Cross-Site Request Forgery CSRF in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request...

6.4AI score0.00159EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.2 views

CVE-2025-67170

A reflected cross-site scripting XSS vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...

5.9AI score0.00218EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.25 views

CVE-2025-67171

Incorrect access control in the /templates/ component of RiteCMS v3.1.0 allows attackers to access sensitive files via directory traversal...

0.00687EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.30 views

CVE-2025-67172

RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the parsespecialtags function...

0.00773EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.24 views

CVE-2025-67168

RiteCMS v3.1.0 was discovered to use insecure encryption to store passwords...

0.00125EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.27 views

CVE-2025-67170

A reflected cross-site scripting XSS vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...

0.00218EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.25 views

CVE-2025-67173

A Cross-Site Request Forgery CSRF in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request...

0.00159EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.24 views

CVE-2025-67174

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...

0.01098EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.4 views

RiteCMS 安全漏洞

RiteCMS is an open source content management system based on php and sqlite. RiteCMS has a cross-site request forgery vulnerability, the vulnerability stems from the page creation and editing functions do not adequately verify whether the request comes from a trusted user, an attacker can use thi...

6.8CVSS5.8AI score0.00159EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.6 views

PT-2025-51857

A Cross-Site Request Forgery CSRF in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request...

6.8CVSS6.8AI score0.00159EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.3 views

CVE-2025-67172

RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the parsespecialtags function...

8.1AI score0.00773EPSS
Exploits1References4
Rows per page
Query Builder