Primary

Context

PerfreeBlog Directory Traversal Vulnerability in getThemeFilesByName Function

Vulnerability

A directory traversal vulnerability has been identified in PerfreeBlog version 4.0.11. The issue arises in the getThemeFilesByName function, allowing for unauthorized access to files and directories on the server.

Impact

Exploitation of this vulnerability could lead to unauthorized file access, potentially allowing an attacker to read sensitive files on the server.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

8.9

remediation

0.0

relevance

0.4

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

8.9

remediation

0.0

relevance

0.4

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PerfreeBlog Directory Traversal Vulnerability in getThemeFilesByName Function

Vulnerability

Impact

Affected Products

PerfreeBlog

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating