Hello , I found Full Path Discolsure bug on your website ( on your blog )
A malicious attacker could use this bug to know where does his files go when he submit an attack .
Here is the link :
We can see :
Thanks for answering .
Thanks for the report!
please see our security page: http://piwik.org/security/
Notes: Vulnerabilities such as Path disclosure, Information disclosure, Open Directory Listing, Application Errors on pages, User logins and emails enumeration, do not qualify for the bounty program. Please do not send us emails with these reports.