CVE-2017-17924
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php.
Date published : 2017-12-26
https://github.com/d4wner/Vulnerabilities-Report/blob/master/Professional-Service-Script.md