1. Home
  2. CVE Database
  3. CVE-2008-0231
HIGH · 7.5

CVE-2008-0231

Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme web...

Vulnerability Description

Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote attackers to include and execute arbitrary files via ".." sequences in the page parameter. NOTE: this can be leveraged for remote file inclusion when running in some PHP 5 environments.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
Tuned StudiosClassic ThemeAll versions
Tuned StudiosEndlessAll versions
Tuned StudiosFreeze ThemeAll versions
Tuned StudiosLonely MapleAll versions
Tuned StudiosMusic ThemeAll versions
Tuned StudiosOrange CutoutAll versions
Tuned StudiosSubwooferAll versions

Related Weaknesses (CWE)

CWE-22

References

FAQ

What is CVE-2008-0231?

CVE-2008-0231 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme web...

How severe is CVE-2008-0231?

CVE-2008-0231 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-0231?

Check the references section above for vendor advisories and patch information. Affected products include: Tuned Studios Classic Theme, Tuned Studios Endless, Tuned Studios Freeze Theme, Tuned Studios Lonely Maple, Tuned Studios Music Theme.