RiteCMS version 3.1.0 and below suffers from an arbitrary file overwrite via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated attacker to overwrite any file in the web root (along with any other file on the server that the PHP process user has the proper permissions to write) resulting a remote code execution.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-04-12T11:10:04

Updated: 2024-08-03T04:07:02.350Z

Reserved: 2022-01-31T00:00:00

Link: CVE-2022-24247

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-04-12T12:15:08.683

Modified: 2024-11-21T06:50:02.403

Link: CVE-2022-24247

cve-icon Redhat

No data.