Bubble issues

Repositories
Issues
Comments

Results 1 issues of


                                            Bubble

arbitrary file read vulnerability

# analysis The location of the vulnerability is line 55 in \taocms\include\Model\File.php and we can see that the path parameter is passed directly to file_get_contents function without filtering ![20220110154029](https://raw.githubusercontent.com/destinypwd/images/main/20220110154029.png) ![20220110154107](https://raw.githubusercontent.com/destinypwd/images/main/20220110154107.png)...