MyPic v2. 1 through the file vulnerability-vulnerability warning-the black bar safety net

Official website: http://www.diqiye.com/mypic/ Vulnerability description: /bom.php the file didn't do any access restrictions Code: if isset$GET'dir' //config the basedir $basedir=$GET'dir';//this didn't do the filter you can enter any directory else $basedir = '.'; $auto = 1; checkdir$basedir;...