Directory traversal

Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. dot dot in the 1 usertheme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the 2 enable...