Seeddms 5.1.22 Exploit Guide

Faulty handling of file paths can allow users to view sensitive system files (like /etc/passwd on Linux) that they shouldn't have access to. Identifying the Version

$documentid = (int) $_GET['documentid']; // Insufficient casting bypass $query = "SELECT * FROM `tblDocuments` WHERE `id` = " . $_GET['documentid']; seeddms 5.1.22 exploit