RiteCMS version 3.1.0 and below suffers from a remote code execution vulnerability in the admin panel. An authenticated attacker can upload a PHP file and bypass the .htacess configuration to deny execution of .php files in media and files directory by default.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-04-08T12:00:39
Updated: 2024-08-04T05:02:11.498Z
Reserved: 2022-01-18T00:00:00
Link: CVE-2021-46367
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-04-08T12:15:08.127
Modified: 2024-11-21T06:33:59.027
Link: CVE-2021-46367
Redhat
No data.