joyplus-cms 1.6.0 allows remote malicious users to obtain sensitive information via a direct request to the install/ or log/ URI.
joyplus-cms project joyplus-cms 1.6.0