CVE-2020-19890

DBHcms v1.2.0 has an Arbitrary file read vulnerability in dbhcmsmodmod.editor.php $_GET[‘file’] is filename,and as there is no filter function for security, you can read any file’s content.

Date published : 2020-08-24

https://github.com/fragrant10/cve/tree/master/dbhcms1.2.0#15