Tuned Studios Multiple Webpage Templates 'index.php' Remote File Include Vulnerability

Multiple Tuned Studios webpage templates are prone to a remote file-include vulnerability because the applications fail to sufficiently sanitize user-supplied input.

An attacker can exploit this issue to include and execute arbitrary remote files in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

This issue affects the following templates:

Subwoofer
Freeze Theme
Orange Cutout
Lonely Maple
Endless
Classic Theme
Music Theme


 

Privacy Statement
Copyright 2010, SecurityFocus