Yeswiki · Yeswiki · CVE-2025-24019
**Name of the Vulnerable Software and Affected Versions**
YesWiki versions up to and including 4.4.5
**Description**
The issue allows any authenticated user to arbitrarily remove content from the Wiki, resulting in partial loss of data and defacement/deterioration of the website. This is possible through the file manager, which does not properly sanitize or verify the path provided by the user, allowing a malicious user to specify an arbitrary file on the filesystem for deletion. The vulnerability can be exploited by accessing the `filemanager` and using the `fmErase()` function, which does not restrict deletion to specific directories or files. In a standard installation, this could allow a malicious user to delete important PHP files, such as `index.php` or core files of YesWiki, thereby completely cutting off access to the wiki.
**Recommendations**
For YesWiki versions up to and including 4.4.5, consider updating to version 4.5.0, which contains a patch for this issue. As a temporary workaround, restrict the possible paths of `fmErase()` to the `upload path` directory and limit its use to trashed files only. Additionally, ensure that any request to `fmErase()` or `fmDelete()` originates from the owner of the resource to which the attachment is linked.
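The workaround above amounts to three checks before `unlink()`: the resolved path must stay inside the upload directory, the file must already be trashed, and the caller must own the resource. The following is an added example of such a check, written for this page and not taken from YesWiki's own code: the names `TRASH_SUFFIX`, `resolveErasablePath()` and `safeErase()`, the `.trash` suffix, and the ownership callback are assumptions for illustration, and the file layout is constructed in a temporary directory.

```php
<?php
declare(strict_types=1);

// Added example, not YesWiki's own code. TRASH_SUFFIX, resolveErasablePath(),
// safeErase() and the ownership callback are assumptions for illustration.

const TRASH_SUFFIX = '.trash'; // assumption: trashed attachments carry this suffix

// Return the canonical path of $userPath inside $uploadDir only if it is a bare
// file name, resolves (after symlinks and "..") to a regular file strictly under
// the upload directory, and is a trashed file. Otherwise return null.
function resolveErasablePath(string $uploadDir, string $userPath): ?string
{
    $base = realpath($uploadDir);
    if ($base === false || !is_dir($base)) {
        return null;
    }
    // Accept only a bare file name: no directory components, no "."/"..", no NUL.
    if ($userPath === '' || $userPath !== basename($userPath)
        || $userPath === '.' || $userPath === '..' || strpos($userPath, "\0") !== false) {
        return null;
    }
    // realpath() resolves symlinks and ".." and returns false for missing files.
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $userPath);
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    // Containment: the canonical path must lie strictly under the canonical upload
    // directory, so a symlink inside the upload dir pointing elsewhere also fails.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    // Only files already moved to the trash may be erased.
    if (substr($candidate, -strlen(TRASH_SUFFIX)) !== TRASH_SUFFIX) {
        return null;
    }
    return $candidate;
}

// Erase a trashed attachment after the path check and an ownership check supplied
// by the caller; $isOwner receives the canonical path and returns true for the owner.
function safeErase(string $uploadDir, string $userPath, callable $isOwner): bool
{
    $path = resolveErasablePath($uploadDir, $userPath);
    if ($path === null || !$isOwner($path)) {
        return false;
    }
    return unlink($path);
}

// --- Demonstration on a constructed temporary layout ---
$root   = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'fm_demo_' . bin2hex(random_bytes(4));
$upload = $root . DIRECTORY_SEPARATOR . 'files';
mkdir($upload, 0700, true);
file_put_contents($root . DIRECTORY_SEPARATOR . 'index.php', "<?php // constructed stand-in\n");
file_put_contents($upload . DIRECTORY_SEPARATOR . 'report.pdf', 'live attachment');
file_put_contents($upload . DIRECTORY_SEPARATOR . 'old.pdf' . TRASH_SUFFIX, 'trashed attachment');

// Assumption for the demo: the current user owns every resource; a real check would
// compare the requester against the owner of the page the attachment belongs to.
$owner = fn(string $p): bool => true;

$cases = [
    '../index.php'           => false, // traversal out of the upload directory
    'report.pdf'             => false, // inside the upload directory, but not trashed
    'old.pdf' . TRASH_SUFFIX => true,  // trashed and owned: erased
];
foreach ($cases as $input => $expected) {
    $result = safeErase($upload, $input, $owner);
    printf("%-16s -> %s (expected %s)\n", $input, var_export($result, true), var_export($expected, true));
    assert($result === $expected);
}
// index.php survives; only the trashed attachment is gone.
assert(file_exists($root . DIRECTORY_SEPARATOR . 'index.php'));
assert(!file_exists($upload . DIRECTORY_SEPARATOR . 'old.pdf' . TRASH_SUFFIX));

// Clean up the constructed layout.
unlink($root . DIRECTORY_SEPARATOR . 'index.php');
unlink($upload . DIRECTORY_SEPARATOR . 'report.pdf');
rmdir($upload);
rmdir($root);
```

The containment test compares canonical paths from `realpath()` rather than the user-supplied string, because a string prefix check on the raw input would still accept `..` segments and symlinks; rejecting anything that is not a bare file name removes the traversal surface entirely, and the trash-suffix check keeps live attachments out of reach even when the path is valid.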