CVE-2006-1235
CVE-2006-1235 describes a directory traversal vulnerability in HitHost 1.0.0, specifically in admin/deleteuser.php, where the $deleteuser parameter could allow remote attackers to delete directories (possibly only empty ones). The initial disclosure notes that proof of the issue was inconclusive ...