Affected Products

Vendor / product matrix with CVE counts sourced from the CPE catalog.

Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
ritecms
16030.1%HIGH

Related CVEs

6
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-67174A local file inclusion (LFI) vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the admin_language_file and default_page_language_file in the admin.php componentHIGH7.561.5%Dec 17, 2025
CVE-2025-67173A Cross-Site Request Forgery (CSRF) in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request.MEDIUM6.85.4%Dec 17, 2025
CVE-2025-67171Incorrect access control in the /templates/ component of RiteCMS v3.1.0 allows attackers to access sensitive files via directory traversal.HIGH7.548.0%Dec 17, 2025
CVE-2025-67170A reflected cross-site scripting (XSS) vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload.MEDIUM6.112.2%Dec 17, 2025
CVE-2025-67168RiteCMS v3.1.0 was discovered to use insecure encryption to store passwords.MEDIUM5.32.6%Dec 17, 2025
CVE-2025-67172RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags() function.HIGH7.251.1%Dec 17, 2025