CVE-2026-43200

A flaw was found in the Linux kernel's PCI endpoint functionality. Incorrect parameter handling in the pciprimaryepcepfunlink and pcisecondaryepcepfunlink functions allows a local user to trigger a kernel crash. This occurs when the unlink command is used in configfs, leading to a Denial of Servi...

PT-2025-48791

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the process status unlink function in all versions up to, and including, 2.3.8. This makes it possible for unauthenticate...

CVE-2022-1953

The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary file deletion vulnerability via an AJAX action, accessible to unauthenticated users, which accepts user input that is being used in a path and passed to unlink without validation first...

CVE-2022-24647

Cuppa CMS v1.0 was discovered to contain an arbitrary file deletion vulnerability via the unlink function...

CVE-2022-24647

Cuppa CMS v1.0 was discovered to contain an arbitrary file deletion vulnerability via the unlink function...

Arbitrary file deletion

Cuppa CMS v1.0 was discovered to contain an arbitrary file deletion vulnerability via the unlink function...

CSZ CMS 安全漏洞

CSZ CMS is a PHP-based open source content management system CMS. version 1.2.9 of CSZ CMS contains a security vulnerability that stems from the vulnerability of CSZ CMS to arbitrary file deletion. This can occur in PHP when the unlink function is called with user input that may affect part or th...

Tipask 2.0 前台任意文件删除漏洞

简要描述： tipask可以调整头像保存并删除原始头像 在删除原始头像时使用了post提交的参数 造成任意文件删除漏洞 详细说明： function onsaveimg $x1 = $this- post'x1' ; $y1 = $this- post'y1' ; $x2 = $this- post'x2' ; $y2 = $this- post'y2' ; $w = $this- post'w' ; $h = $this- post'h' ; $ext = $this- post'ext' ; $uploadtmpfile = TIPASKROOT . "/data/tmp/"...