idreamsoft iCMS Physical Path Disclosure Vulnerability
iCMS is an efficient and simple content management system built with PHP and MySQL. A physical path leak vulnerability exists in idreamsoft iCMS version 7.0.7 and lower. An attacker can obtain the physical path by displaying an invalid nickname field in the core/library/weixin.class.php pathname...