RiteCMS Local File Inclusion Vulnerability

A local file inclusion vulnerability has been identified in RiteCMS version 3.1.0. This vulnerability allows attackers to read arbitrary files on the host system by exploiting a directory traversal flaw in the 'admin_language_file' and 'default_page_language_file' parameters within the 'admin.php' component.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive files on the server, potentially including configuration files or other data that could be used to compromise the application or server.

Reproduction

To reproduce this vulnerability, send a POST request to 'admin.php' with the 'mode' parameter set to 'settings' and the 'action' parameter set to 'advanced_settings'. Include a crafted 'admin_language_file' or 'default_page_language_file' parameter that traverses directories to access arbitrary files on the server.