Lucene search
K

6 matches found

OSV
OSV
added 2025/12/17 7:16 p.m.5 views

CVE-2025-67174

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...

7.5CVSS6.5AI score0.01098EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.7 views

PT-2025-51865

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the admin language file and default page language file in the admin.php component...

6.6AI score0.01098EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/12/17 12:0 a.m.20 views

CVE-2025-67174

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...

0.01098EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.3 views

CVE-2025-67174

A local file inclusion LFI vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the adminlanguagefile and defaultpagelanguagefile in the admin.php component...

6.2AI score0.01098EPSS
Exploits1References4
CVE
CVE
added 2025/12/17 12:0 a.m.10 views

CVE-2025-67174

RiteCMS v3.1.0 contains a local file inclusion (LFI) vulnerability in the admin.php component, exploitable via directory traversal in admin_language_file and default_page_language_file. The issue allows an attacker to read arbitrary files on the host. Multiple connected sources (CNVD-2026-05343, ...

7.5CVSS6.2AI score0.01098EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/09/04 12:15 p.m.4 views

CVE-2025-41041

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'datacode', 'datalang0key', 'datalang0value', 'datalang1key' and 'datatitle' parameters in /apprain/developer/language/default.x...

5.4CVSS0.00162EPSS
Exploits0References1
Rows per page
Query Builder