CVE-2021-36425 Information

Description

Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/inc_act/act_ftptakeover.php file.

Reference

https://github.com/slackero/phpwcms/issues/311