Yxcms Arbitrary File Deletion Vulnerability
YXcms is a PHP and MySQL based enterprise building content management system CMS. An arbitrary file deletion vulnerability exists in protected/apps/admin/controller/photoController.php in YXcms 1.4.7. A remote attacker can exploit this vulnerability by sending the 'picname' parameter via...