
skycaiji-v2.5.4 has a ThinkPHP log leak vulnerability


The source code can be downloaded here:

https://down.chinaz.com/api/index/download?id=38972&type=code

Place it directly in the root directory of the website, browse to the server IP, and follow the prompts to install.

After installation, a ThinkPHP log file can be found in this directory:

[Screenshot: image-20230502210711184]

Attackers can obtain the website's log files directly by traversing directories:

[Screenshot: image-20230502210726552]

Attackers can obtain sensitive information such as backend addresses and administrator accounts through this method.
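
To check whether log files have already been served from a deployment, the web server's own access log can be searched for successful responses to `.log` requests. The following is an added example, not part of the original report or of the skycaiji project; it assumes the combined access-log format, and the directory name `example-log-dir`, the IP addresses and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Combined/common access-log line: client, timestamp, request line, status, size.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def request_path(target):
    """Strip query string and fragment from the request target."""
    return target.split("?", 1)[0].split("#", 1)[0]

def find_log_exposure(lines):
    """Return {client_ip: [(timestamp, path, bytes_sent), ...]} for every
    request answered with a .log file body (2xx status and a non-empty body).
    403/404 responses are ignored: the file was not handed out."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line in the assumed format
        path = request_path(m["target"])
        if not path.lower().endswith(".log"):
            continue
        size = 0 if m["size"] == "-" else int(m["size"])
        if m["status"].startswith("2") and size > 0:
            hits[m["ip"]].append((m["ts"], path, size))
    return dict(hits)

# Constructed sample lines (documentation IP ranges, placeholder directory name).
SAMPLE = [
    '203.0.113.7 - - [02/May/2023:21:07:11 +0800] "GET /example-log-dir/202305/02.log HTTP/1.1" 200 48213 "-" "curl/8.0"',
    '203.0.113.7 - - [02/May/2023:21:07:12 +0800] "GET /example-log-dir/202305/01.log HTTP/1.1" 404 153 "-" "curl/8.0"',
    '198.51.100.4 - - [02/May/2023:21:08:00 +0800] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [02/May/2023:21:09:30 +0800] "GET /example-log-dir/202305/02.LOG?x=1 HTTP/1.1" 206 1024 "-" "Mozilla/5.0"',
    '192.0.2.55 - - [02/May/2023:21:10:00 +0800] "GET /example-log-dir/202305/02.log HTTP/1.1" 403 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, reqs in find_log_exposure(SAMPLE).items():
        for ts, path, size in reqs:
            print(f"{ip} was served {path} ({size} bytes) at {ts}")
```

Any hit means a log file left the server, so credentials and backend addresses recorded in it should be treated as disclosed.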