2019-03-07 05:00:00
mitre
PUBLISHED
eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file.