CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-2167

Directory traversal vulnerability in function_foot_1.inc.php for Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences terminated by a null character in the $designNo variable, which is part of an "include" function call.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.4%

CVSS Severity

CVSS v2 Score 5.0

References

http://online.securityfocus.com/archive/1/282404
http://www.iss.net/security_center/static/9581.php
http://www.securityfocus.com/bid/5243
http://online.securityfocus.com/archive/1/282404
http://www.iss.net/security_center/static/9581.php
http://www.securityfocus.com/bid/5243

Products affected by CVE-2002-2167

Thorsten Korner » 123tkshop » Version: 0.2

cpe:2.3:a:thorsten_korner:123tkshop:0.2
Thorsten Korner » 123tkshop » Version: 0.3

cpe:2.3:a:thorsten_korner:123tkshop:0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-2167

Products

Pricing

Contact Us