ScaffoldHub arbitrary file read vulnerability
When conducting a security code audit for one my clients, I found an arbitrary file read due to path traversal in scaffoldhub, the vulnerability is in the local file storage strategy.
I have fixed the vulnerability for my client since it was my first priority and then I responsibly disclosed this vulnerability to Felipe Lima the owner of the project on discord who acted quickly and in less than 2 hours patched  the issue and emailed his clients about the fix.
Felipe also kindly gave me a developer subscription to scaffoldhub so I guess I'm obliged to use it for my next web project!
 Felipe's patch: https://gist.github.com/felipepastorelima/46e78f4201c2efc803c276d0da0fc211