CVE-2008-0231
Last modified
CVE-2008-0231 is a vulnerability of currently unknown severity. Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote attackers to include and execute arbitrary files via ".." sequences in the page parameter. NOTE: this can be leveraged for remote file inclusion when running in some PHP 5 environments.. EPSS estimates a 2.51% chance of exploitation in the next 30 days.
Description
Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote attackers to include and execute arbitrary files via ".." sequences in the page parameter. NOTE: this can be leveraged for remote file inclusion when running in some PHP 5 environments.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Tuned Studios | Classic Theme | All versions |
| Tuned Studios | Endless | All versions |
| Tuned Studios | Freeze Theme | All versions |
| Tuned Studios | Lonely Maple | All versions |
| Tuned Studios | Music Theme | All versions |
| Tuned Studios | Orange Cutout | All versions |
| Tuned Studios | Subwoofer | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-0231?
How severe is CVE-2008-0231?
How do I fix CVE-2008-0231?
Are you affected by CVE-2008-0231?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST