CVE-2017-17992

Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt