phpwcms is an open source Web content management system. It is fast, easy to install and runs on any standard web server platform that supports PHP/MySQL. phpwcms version 1.9.25 is vulnerable to a directory traversal vulnerability. A remote attacker can exploit this vulnerability to delete arbitrary files via the unfiltered $file parameter in the include/inc_act/act_ftptakeover.php file.