Directory traversal vulnerability in imgsrv.php in jchit counter 1.0.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the acc parameter.
jchit counter 1.0.0