CVE-2017-11325
CVE-2017-11325 affects Tilde CMS 1.0.1. The vulnerability is a path-traversal in the download.File.php handler reachable via the file parameter (file=../), allowing an attacker to read arbitrary files. This aligns with the CVE description: Arbitrary files can be read via a file=../ attack on acti...