CVE-2002-2167

The CVE-2002-2167 issue affects Thorsten Korner’s 123tkShop prior to version 0.3.1. A directory traversal flaw exists in function_foot_1.inc.php: a crafted designNo value can terminate with a null character, enabling remote attackers to read arbitrary files via include() calls. Impact is read acc...