CVE-2007-1126
CVE-2007-1126 affects xtcommerce via a directory-traversal flaw in index.php where the template parameter can be manipulated with .. to read arbitrary files. The root cause is improper sanitization of the template parameter, enabling unauthorized file access. Documentation lists the vulnerability...