Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2015-7309

The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.603
EPSS Ranking 98.1%
CVSS Severity
CVSS v2 Score 6.5
Products affected by CVE-2015-7309
  • Boltcms » Bolt » Version: N/A
    cpe:2.3:a:boltcms:bolt:-
  • Boltcms » Bolt » Version: 0.8.4
    cpe:2.3:a:boltcms:bolt:0.8.4
  • Boltcms » Bolt » Version: 0.8.5
    cpe:2.3:a:boltcms:bolt:0.8.5
  • Boltcms » Bolt » Version: 0.9.10
    cpe:2.3:a:boltcms:bolt:0.9.10
  • Boltcms » Bolt » Version: 0.9.5
    cpe:2.3:a:boltcms:bolt:0.9.5
  • Boltcms » Bolt » Version: 1.0.0
    cpe:2.3:a:boltcms:bolt:1.0.0
  • Boltcms » Bolt » Version: 1.0.5
    cpe:2.3:a:boltcms:bolt:1.0.5
  • Boltcms » Bolt » Version: 1.1.2
    cpe:2.3:a:boltcms:bolt:1.1.2
  • Boltcms » Bolt » Version: 1.1.4
    cpe:2.3:a:boltcms:bolt:1.1.4
  • Boltcms » Bolt » Version: 1.2.1
    cpe:2.3:a:boltcms:bolt:1.2.1
  • Boltcms » Bolt » Version: 1.3.0
    cpe:2.3:a:boltcms:bolt:1.3.0
  • Boltcms » Bolt » Version: 1.4.0
    cpe:2.3:a:boltcms:bolt:1.4.0
  • Boltcms » Bolt » Version: 1.4.3
    cpe:2.3:a:boltcms:bolt:1.4.3
  • Boltcms » Bolt » Version: 1.5.1
    cpe:2.3:a:boltcms:bolt:1.5.1
  • Boltcms » Bolt » Version: 1.5.6
    cpe:2.3:a:boltcms:bolt:1.5.6
  • Boltcms » Bolt » Version: 1.6.0
    cpe:2.3:a:boltcms:bolt:1.6.0
  • Boltcms » Bolt » Version: 1.6.2
    cpe:2.3:a:boltcms:bolt:1.6.2
  • Boltcms » Bolt » Version: 1.6.3
    cpe:2.3:a:boltcms:bolt:1.6.3
  • Boltcms » Bolt » Version: 1.6.3.1
    cpe:2.3:a:boltcms:bolt:1.6.3.1
  • Boltcms » Bolt » Version: 1.6.9
    cpe:2.3:a:boltcms:bolt:1.6.9
  • Boltcms » Bolt » Version: 2.0.0
    cpe:2.3:a:boltcms:bolt:2.0.0
  • Boltcms » Bolt » Version: 2.0.1
    cpe:2.3:a:boltcms:bolt:2.0.1
  • Boltcms » Bolt » Version: 2.0.2
    cpe:2.3:a:boltcms:bolt:2.0.2
  • Boltcms » Bolt » Version: 2.0.3
    cpe:2.3:a:boltcms:bolt:2.0.3
  • Boltcms » Bolt » Version: 2.0.4
    cpe:2.3:a:boltcms:bolt:2.0.4
  • Boltcms » Bolt » Version: 2.0.5
    cpe:2.3:a:boltcms:bolt:2.0.5
  • Boltcms » Bolt » Version: 2.0.6
    cpe:2.3:a:boltcms:bolt:2.0.6
  • Boltcms » Bolt » Version: 2.1.0
    cpe:2.3:a:boltcms:bolt:2.1.0
  • Boltcms » Bolt » Version: 2.1.1
    cpe:2.3:a:boltcms:bolt:2.1.1
  • Boltcms » Bolt » Version: 2.1.2
    cpe:2.3:a:boltcms:bolt:2.1.2
  • Boltcms » Bolt » Version: 2.1.3
    cpe:2.3:a:boltcms:bolt:2.1.3
  • Boltcms » Bolt » Version: 2.1.4
    cpe:2.3:a:boltcms:bolt:2.1.4
  • Boltcms » Bolt » Version: 2.1.5
    cpe:2.3:a:boltcms:bolt:2.1.5
  • Boltcms » Bolt » Version: 2.1.6
    cpe:2.3:a:boltcms:bolt:2.1.6
  • Boltcms » Bolt » Version: 2.1.7
    cpe:2.3:a:boltcms:bolt:2.1.7
  • Boltcms » Bolt » Version: 2.1.8
    cpe:2.3:a:boltcms:bolt:2.1.8
  • Boltcms » Bolt » Version: 2.1.9
    cpe:2.3:a:boltcms:bolt:2.1.9
  • Boltcms » Bolt » Version: 2.2.0
    cpe:2.3:a:boltcms:bolt:2.2.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved