Vulnerability Details CVE-2022-24247
RiteCMS version 3.1.0 and below suffers from an arbitrary file overwrite via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated attacker to overwrite any file in the web root (along with any other file on the server that the PHP process user has the proper permissions to write) resulting a remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 8.5
References