Pradeepch99

**Name of the Vulnerable Software and Affected Versions** flatCore version 1.4.7 **Description** The issue allows file deletion through directory traversal in the `delete` parameter to "acp/acp.php". The risk might be limited to requests submitted through CSRF. **Recommendations** For flatCore version 1.4.7, consider restricting access to the "acp/acp.php" endpoint to minimize the risk of exploitation. As a temporary workaround, avoid using the `delete` parameter in the affected endpoint until the issue is resolved.