Vulnerabilities > Ritecms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-44767 | Cross-site Scripting vulnerability in Ritecms 3.0 A File upload vulnerability in RiteCMS 3.0 allows a local attacker to upload a SVG file with XSS content. | 4.8 |
| 2023-10-04 | CVE-2023-43877 | Cross-site Scripting vulnerability in Ritecms 3.0 Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu. | 4.8 |
| 2023-09-28 | CVE-2023-43878 | Cross-site Scripting vulnerability in Ritecms 3.0 Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu. | 5.4 |
| 2023-09-28 | CVE-2023-43879 | Cross-site Scripting vulnerability in Ritecms 3.0 Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu. | 4.8 |
| 2022-04-12 | CVE-2022-24247 | Path Traversal vulnerability in Ritecms RiteCMS version 3.1.0 and below suffers from an arbitrary file overwrite via path traversal vulnerability in Admin Panel. | 6.5 |
| 2022-04-12 | CVE-2022-24248 | Path Traversal vulnerability in Ritecms RiteCMS version 3.1.0 and below suffers from an arbitrary file deletion via path traversal vulnerability in Admin Panel. | 6.5 |