Tag: arbitrary file read

All the articles with the tag "arbitrary file read".

• [CVE-2025-63889] ThinkPHP 5.0.24 Lets Attackers Read Any File on the Server

  20 Nov, 2025

  A directory traversal flaw in ThinkPHP’s template engine allows unauthenticated users to pull arbitrary files, including configuration secrets, straight from disk.