Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
RiteCMS version 3.1.0 and below suffers from an arbitrary file deletion via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated attacker to delete any file in the web root (along with any other file on the server that the PHP process user has the proper permissions to delete). Furthermore, an attacker might leverage the capability of arbitrary file deletion to circumvent certain web server security mechanisms such as deleting .htaccess file that would deactivate those security constraints.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RiteCMS 路径遍历漏洞
Vulnerability Description
RiteCMS是一个网站CMS。 RiteCMS 3.1.0 及以下版本存在安全漏洞,经过身份验证的攻击者可以删除 Web 根目录中的任何文件(以及服务器上 PHP 进程用户有权删除的任何其他文件)。
CVSS Information
N/A
Vulnerability Type
N/A