6 matches found
CVE-2020-23934
An issue was discovered in RiteCMS 2.2.1. An authenticated user can directly execute system commands by uploading a php web shell in the "Filemanager" section...
Exploit for OS Command Injection in Ritecms
CVE-2020-23934 References 1 https://www.exploit-db.co...
CVE-2020-23934
An issue was discovered in RiteCMS 2.2.1. An authenticated user can directly execute system commands by uploading a php web shell in the "Filemanager" section...
CVE-2020-23934
Summary of CVE-2020-23934 (RiteCMS 2.2.1) : An authenticated user can upload a PHP web shell via the Filemanager and execute system commands on the server, enabling Remote Code Execution. The known exploit demonstrates uploading a shell and accessing it under /media/(filename).php, then issuing c...
CVE-2020-23934
creationtimestamp| type| source ---|---|--- 2020-07-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48636...
RiteCMS 2.2.1 - Authenticated Remote Code Execution
Exploit Title: RiteCMS 2.2.1 - Authenticated Remote Code Execution Date: 2020-07-03 Exploit Author: Enes Özeser Vendor Homepage: http://ritecms.com/ Version: 2.2.1 Tested on: Linux CVE: CVE-2020-23934 1- Go to following url. http://HOST/cms/ 2- Default username and password is admin:admin. We mus...