Arbitrary file deletion


This script is possibly vulnerable to arbitrary file deletion.

This issue allows an attacker to influence calls to the 'unlink()' function and delete arbitrary files. Due to a lack of input validation, an attacker can supply directory traversal sequences followed by an arbitrary file name to delete specific files.

ShareShare on FacebookTweet about this on TwitterShare on Google+

This vulnerability allows attackers to delete arbitrary files.

Your script should filter metacharacters from user input.

Acunetix Directory Traversal Attacks