Sameletom

**Name of the Vulnerable Software and Affected Versions** Z-BlogPHP version 1.5.1 **Description** The issue allows remote attackers to discover the full path of the system via a direct request to "zb system/function/lib/upload.php". **Recommendations** For Z-BlogPHP version 1.5.1, consider restricting access to the "zb system/function/lib/upload.php" file to prevent path disclosure until a patch is available.