index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Shopweezle | Kansok_communications | 2.0 (including) | 2.0 (including) |
| Shopweezle | Kansok_communications | 2.0_personal (including) | 2.0_personal (including) |
| Shopweezle | Kansok_communications | 2.0_professional (including) | 2.0_professional (including) |
| Shopweezle | Kansok_communications | 2.0_professional_plus (including) | 2.0_professional_plus (including) |