14 matches found

CNVD
added 2025/12/25 12:0 a.m. (11 views)

RiteCMS Code Execution Vulnerability

RiteCMS is an open source content management system based on PHP and SQLite. RiteCMS has a code execution vulnerability that stems from a flaw in the parse_special_tags function, which can be exploited by an attacker to cause remote code execution...

CVSS 7.2 | AI score 6.5 | EPSS 0.00773
Exploits: 1 | References: 1
RedhatCVE
added 2025/12/18 12:35 a.m. (14 views)

CVE-2025-67172

RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags function...

CVSS 7.2 | AI score 8.4 | EPSS 0.00773
Exploits: 1 | References: 1
NVD
added 2025/12/17 6:15 p.m. (8 views)

CVE-2025-67172

RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags function...

CVSS 7.2 | EPSS 0.00773
Exploits: 1 | References: 4
OSV
added 2025/12/17 6:15 p.m. (8 views)

CVE-2025-67172

RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags function...

CVSS 7.2 | AI score 8.4 | EPSS 0.00773
Exploits: 1 | References: 4
Positive Technologies
added 2025/12/17 12:0 a.m. (8 views)

PT-2025-51851

RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse special tags function...

CVSS 7.2 | AI score 8.4 | EPSS 0.00773
Exploits: 1 | References: 5
CNNVD
added 2025/12/17 12:0 a.m. (4 views)

RiteCMS Security Vulnerability

RiteCMS is an open source content management system based on PHP and SQLite. RiteCMS has a code execution vulnerability that stems from a flaw in the parse_special_tags function, which can be exploited by an attacker to cause remote code execution...

CVSS 7.2 | AI score 6.4 | EPSS 0.00773
Exploits: 1 | References: 5
CVE
added 2025/12/17 12:0 a.m. (23 views)

CVE-2025-67172

RiteCMS CVE-2025-67172 affects RiteCMS v3.1.0 and stems from a flaw in the parse_special_tags function, enabling authenticated remote code execution. The vulnerability is documented across multiple sources (NVD, RH, CNVD, OSV, EUVD, CNNVD, CVE lists) with CVSS v3.1 base score 7.2 (HIGH), Attack V...

CVSS 7.2 | AI score 8.1 | EPSS 0.00773
Exploits: 1 | References: 4 | Affected Software: 1
Microsoft CVE
added 2025/09/04 8:51 a.m. (3 views)

Improper handling of special tags within script contexts in html/template

...

CVSS 6.1 | AI score 9.3 | EPSS 0.00798
Exploits: 0
CNNVD
added 2024/11/19 12:0 a.m. (3 views)

lxml_html_clean Security Vulnerability

lxml_html_clean is a separate project from the Fedora Python SIG that provides the open source HTML cleanup functionality copied from lxml.html.clean. A security vulnerability exists in versions of lxml_html_clean prior to 0.4.0, which stems from improper handling of special tags and is vulnerable to cross-site scripting...

CVSS 7.7 | AI score 5.7 | EPSS 0.00472
Exploits: 0 | References: 4
OpenVAS
added 2024/03/04 12:0 a.m. (34 views)

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3700-1)

The remote host is missing an update for the...

CVSS 6.1 | AI score 7.1 | EPSS 0.00815
Exploits: 0 | References: 2
RedHat Linux
added 2023/12/12 5:30 p.m. (52 views)

Moderate: Red Hat Security Advisory: skopeo security update

An update for skopeo is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 7.5 | AI score 6.7 | EPSS 0.01328
Exploits: 0 | References: 6
OSV
added 2023/09/20 9:19 a.m. (9 views)

SUSE-SU-2023:3701-1 Security update for go1.21

This update for go1.21 fixes the following issues: Update to go1.21.1 (bsc#1212475). - CVE-2023-39318: Fixed improper handling of HTML-like comments within script contexts in html/template (bsc#1215084). - CVE-2023-39319: Fixed improper handling of special tags within script contexts in html/template...

CVSS 9.8 | AI score 7.1 | EPSS 0.01424
Exploits: 0 | References: 12
OSV
added 2023/09/20 9:17 a.m. (14 views)

SUSE-SU-2023:3700-1 Security update for go1.20

This update for go1.20 fixes the following issues: Update to go1.20.8 (bsc#1206346). - CVE-2023-39318: Fixed improper handling of HTML-like comments within script contexts in html/template (bsc#1215084). - CVE-2023-39319: Fixed improper handling of special tags within script contexts in html/template...

CVSS 6.1 | AI score 6.9 | EPSS 0.00815
Exploits: 0 | References: 7
OSV
added 2023/09/07 4:11 p.m. (37 views)

GO-2023-2043 Improper handling of special tags within script contexts in html/template

The html/template package does not apply the proper rules for handling occurrences of " contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack...

CVSS 6.1 | AI score 6.5 | EPSS 0.00798
Exploits: 0 | References: 3