CVE-2018-12494
PublicCMS 4.0.20180210 is affected by a directory traversal and arbitrary file read vulnerability. The issue is reachable via the admin/cmsTemplate/content.html?path=../ URI, indicating that user-supplied path parameters can traverse the filesystem to read arbitrary files. Connected documents cor...