Arbitrary file deletion

zbzcms v1.0 was discovered to contain an arbitrary file deletion vulnerability via /include/up.php...