Submit #502168: https://github.com/zyx0814/Pichome Pichome 2.1.0 Arbitrary file readinfo

Titlehttps://github.com/zyx0814/Pichome Pichome 2.1.0 Arbitrary file read
DescriptionIn pichome2.1.0 version, in the /dzz/pichome/index.php file, by controlling $_GET['src'], the content of any file can be read without carrying any authentication information.
Source⚠️ https://github.com/sheratan4/cve/issues/4
User
 sheratan (UID 71236)
Submission02/16/2025 05:27 PM (1 Year ago)
Moderation02/27/2025 10:09 AM (11 days later)
StatusAccepted
VulDB entry297831 [zyx0814 Pichome 2.1.0 index.php?mod=textviewer src path traversal]
Points16

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!