Shodan
Vulnerabilities
Vulnerable Software
Ritecms:  >> Ritecms  Security Vulnerabilities
CVE-2025-67170
A reflected cross-site scripting (XSS) vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-12-17
CVE-2025-67171
Incorrect access control in the /templates/ component of RiteCMS v3.1.0 allows attackers to access sensitive files via directory traversal.
CVSS Score
7.5
EPSS Score
0.004
Published
2025-12-17
CVE-2025-67173
A Cross-Site Request Forgery (CSRF) in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-12-17
CVE-2025-67174
A local file inclusion (LFI) vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the admin_language_file and default_page_language_file in the admin.php component
CVSS Score
7.5
EPSS Score
0.001
Published
2025-12-17
CVE-2025-67168
RiteCMS v3.1.0 was discovered to use insecure encryption to store passwords.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-12-17
CVE-2025-67172
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags() function.
CVSS Score
7.2
EPSS Score
0.004
Published
2025-12-17
CVE-2024-28623
RiteCMS v3.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component main_menu/edit_section.
CVSS Score
6.1
EPSS Score
0.013
Published
2024-03-13
CVE-2023-44767
A File upload vulnerability in RiteCMS 3.0 allows a local attacker to upload a SVG file with XSS content.
CVSS Score
4.8
EPSS Score
0.002
Published
2023-10-25
CVE-2023-43877
Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-10-04
CVE-2023-43878
Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu.
CVSS Score
5.4
EPSS Score
0.003
Published
2023-09-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved