RiteCMS version 3.1.0 and below suffers from a remote code execution vulnerability in the admin panel. An authenticated attacker can upload a PHP file and bypass the .htacess configuration to deny execution of .php files in media and files directory by default.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-04-08T12:00:39

Updated: 2024-08-04T05:02:11.498Z

Reserved: 2022-01-18T00:00:00

Link: CVE-2021-46367

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-04-08T12:15:08.127

Modified: 2024-11-21T06:33:59.027

Link: CVE-2021-46367

cve-icon Redhat

No data.