2020-08-24 14:43:29
mitre
PUBLISHED
DBHcms v1.2.0 has an Arbitrary file read vulnerability in dbhcmsmodmod.editor.php $_GET[file] is filename,and as there is no filter function for security, you can read any files content.