CVE-2019-11515

core/classes/db_backup.php in Gila CMS 1.10.1 allows admin/db_backup?download= absolute path traversal to read arbitrary files.
Source: NIST
CVE-2019-11515