CVE-2012-0934
Status: Modified
Last modified:
29-08-2017
Published:
29-01-2012
7.5
SUMMARY CVE-2012-0934
PHP remote file inclusion vulnerability in ajax/savetag.php in the Theme Tuner plugin for WordPress before 0.8 allows remote attackers to execute arbitrary PHP code via a URL in the tt-abspath parameter.
Access CVSS CVE-2012-0934
Attack Complexity | Attack Vector | Privileges Required | Scope | User Interaction |
---|---|---|---|---|
LOW | NETWORK | NONE | - | - |
Impact CVSS CVE-2012-0934
Confidentiality | Integrity | Availability |
---|---|---|
PARTIAL | PARTIAL | PARTIAL |
Details CVE-2012-0934
EPSS | 0.02054 |
---|---|
EPSS % | 0.89287 |
References |
|
CWE | CWE-94 |
CAPEC |
|
Vulnerable Configurations |
|