CVE-2022-24247

Name of the Vulnerable Software and Affected Versions RiteCMS versions 3.1.0 and below

Description The issue allows an authenticated attacker to overwrite any file in the web root, as well as any other file on the server that the PHP process user has the proper permissions to write, resulting in remote code execution. This is due to an arbitrary file overwrite via path traversal vulnerability in the Admin Panel.

Recommendations For versions 3.1.0 and below, update to a version above 3.1.0 to resolve the issue. As a temporary workaround, consider restricting access to the Admin Panel to minimize the risk of exploitation.