← back
CVE-2002-2167

CVE-2002-2167

EPSS 1.7%
Directory traversal vulnerability in function_foot_1.inc.php for Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences terminated by a null character in the $designNo variable, which is part of an "include" function call.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://online.securityfocus.com/archive/1/282404http://www.iss.net/security_center/static/9581.phphttp://www.securityfocus.com/bid/5243