Lucene search
HistoryJan 29, 2012 - 4:04 a.m.
CVE-2012-0934
cve-2012-0934
php
remote file inclusion
vulnerability
ajax
savetag.php
theme tuner
wordpress
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.021 Low
EPSS
Percentile
89.1%
PHP remote file inclusion vulnerability in ajax/savetag.php in the Theme Tuner plugin for WordPress before 0.8 allows remote attackers to execute arbitrary PHP code via a URL in the tt-abspath parameter.
Affected configurations
Node
zingiritheme_tuner_pluginRange≤0.7
ORzingiritheme_tuner_pluginMatch0.1
ORzingiritheme_tuner_pluginMatch0.2
ORzingiritheme_tuner_pluginMatch0.3
ORzingiritheme_tuner_pluginMatch0.4
ORzingiritheme_tuner_pluginMatch0.6
wordpresswordpress
References
Related
cvelist
cvelist
CVE-2012-0934
2012-01-29 02:00:00
openvas
openvas
dsquare
dsquare
WordPress Theme Tuner 0.7 RFI
2012-03-26 00:00:00
patchstack
patchstack
WordPress Theme Tuner Plugin <= 0.7 - Remote File Inclusion
2012-01-28 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_WPTHEMETUNER
2012-01-29 04:04:00
wpvulndb
wpvulndb
Theme Tuner < 0.8 - Remote File Inclusion
2012-01-23 00:00:00
prion
prion
Remote file inclusion
2012-01-29 04:04:00
nvd
nvd
CVE-2012-0934
2012-01-29 04:04:44
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.021 Low
EPSS
Percentile
89.1%
Related for CVE-2012-0934