github.com/gphper/ginadmin is vulnerable to arbitrary file read. The vulnerability exists in couple of functions in adminSystemController.go
because the incoming path value is not filtered which allows an attacker to gain access to the files and read sensitive information.