Capt Nem0

**Name of the Vulnerable Software and Affected Versions** ContentServ versions 4.x **Description** A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) in the `src` parameter of the admin/FileServer.php file. **Recommendations** For ContentServ version 4.x, consider restricting access to the admin/FileServer.php file until a patch is available. As a temporary workaround, avoid using the `src` parameter with .. (dot dot) sequences to minimize the risk of exploitation.