CVE-2008-2840

Name of the Vulnerable Software and Affected Versions Exero CMS versions 1.0.0 through 1.0.1

Description The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to various PHP files, including "custompage.php", "errors/404.php", "members/memberslist.php", "members/profile.php", "news/fullview.php", "news/index.php", "nopermission.php", "usercp/avatar.php", or "usercp/editpassword.php" in "themes/Default/".

Recommendations For Exero CMS versions 1.0.0 and 1.0.1, consider restricting access to the vulnerable PHP files in the "themes/Default/" directory until a patch is available. As a temporary workaround, avoid using the theme parameter in the affected API endpoints until the issue is resolved. Restrict access to the "themes/Default/" directory to minimize the risk of exploitation.