Description
Cross-site request forgery (CSRF) vulnerability in RiteCMS 1.0.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via an edit user action to cms/index.php.
Exploits (1)
exploitdb
WORKING POC
by Yashar shahinzadeh · text · webapps · php
https://www.exploit-db.com/exploits/27315
References (4)
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/61587
Exploit x_refsource_misc
http://packetstormsecurity.com/files/122663/Rite-CMS-1.0.0-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/86193
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/27315
Scores
EPSS
0.0026
EPSS Percentile
49.0%
Details
CWE
CWE-352
Status
published
Products (1)
ritecms/ritecms
1.0.0
Published
Aug 20, 2013
Tracked Since
Feb 18, 2026