In Dreamer CMS prior to 4.0.1, the backend attachment management office has an Arbitrary File Download vulnerability.
dreamer cms project dreamer cms