Arbitrary file download vulnerability in Yiifcms ZipController.php page
Yiifcms is a content management system CMS developed on the yii framework. An arbitrary file download vulnerability exists in the ZipController.php page of Yiifcms version 1.5. An attacker can exploit this vulnerability to download arbitrary files using the "... /" to jump to a directory to...