Doorgets · Doorgets · CVE-2018-20064
**Name of the Vulnerable Software and Affected Versions**
doorGets version 7.0
**Description**
doorGets 7.0 allows remote attackers to write to arbitrary files via directory traversal in the theme editor. This can be demonstrated by a "/dg-user/?controller=theme&action=edit&name=doorgets&file=../../1.txt%00" URI with file content supplied in the `theme content nofi` parameter. The `file` parameter is used to build a filesystem path without being confined to the theme directory: the `../../` sequence escapes it, and the trailing `%00` is a null byte, the classic way to truncate any suffix the application appends to the path.
**Recommendations**
For doorGets version 7.0, restrict access to the `theme` controller and its `edit` action to trusted administrators only, and treat every request that reaches it as potentially hostile. Until a fix is available, reject any `file` value that contains a null byte or path separators, or that does not resolve to a path inside the selected theme directory. At the time of writing there is no information about a newer version that contains a fix for this vulnerability.
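The following is an added example, not code from doorGets or from the advisory. It shows the two checks the recommendation above calls for, applied to the advisory's own URI: reject null bytes outright, then confirm that the resolved path stays inside the theme directory. The theme root path (`THEME_ROOT`) and the function names are assumptions for the example; the parameter names `controller`, `action`, `name` and `file` come from the URI in the description.

```python
import posixpath
from urllib.parse import parse_qs, urlparse

# Assumed installation layout for the example; doorGets' real layout may differ.
THEME_ROOT = "/var/www/doorgets/themes"


def resolve_theme_file(theme_root, name, file):
    """Return the absolute path of a file inside the named theme, or None if the
    request must be rejected.

    Two independent checks are applied:
      1. Null bytes are refused before any path arithmetic, since "%00" decodes
         to "\\x00" and is the truncation trick used in the advisory's URI.
      2. The normalised candidate path must still be under the theme directory;
         this is what defeats the "../../" traversal.
    normpath is used here so the example runs without the directories existing;
    on a live system apply os.path.realpath as well to collapse symlinks.
    """
    if "\x00" in name or "\x00" in file:
        return None
    # The theme name must be a single directory component.
    if not name or "/" in name or name in (".", ".."):
        return None
    base = posixpath.normpath(posixpath.join(theme_root, name))
    candidate = posixpath.normpath(posixpath.join(base, file))
    # Containment check: the candidate's longest common prefix with the theme
    # directory must be the theme directory itself.
    if posixpath.commonpath([base, candidate]) != base:
        return None
    return candidate


def is_blocked_theme_edit(uri):
    """True if a theme-edit request would be refused by resolve_theme_file.

    Only requests for controller=theme&action=edit are considered; any other
    request returns False (not a theme edit, so nothing to decide here).
    """
    query = parse_qs(urlparse(uri).query, keep_blank_values=True)
    if query.get("controller") != ["theme"] or query.get("action") != ["edit"]:
        return False
    name = query.get("name", [""])[0]
    file = query.get("file", [""])[0]
    return resolve_theme_file(THEME_ROOT, name, file) is None


if __name__ == "__main__":
    # Constructed sample requests: the advisory's proof-of-concept URI and a
    # legitimate edit of a stylesheet inside the "doorgets" theme.
    poc = "/dg-user/?controller=theme&action=edit&name=doorgets&file=../../1.txt%00"
    benign = "/dg-user/?controller=theme&action=edit&name=doorgets&file=css/style.css"
    print("PoC blocked:", is_blocked_theme_edit(poc))        # True
    print("benign blocked:", is_blocked_theme_edit(benign))  # False
```

The null-byte check comes first on purpose: if it ran after path normalisation, the traversal check alone would still catch this particular URI, but a `file` such as `style.css%00` (no traversal, only truncation of an appended extension) would slip through.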