J1Nse

**Name of the Vulnerable Software and Affected Versions** ZrLog version 2.1.15 **Description** A Directory Traversal vulnerability exists in the delete function of the admin.api.TemplateController in ZrLog, allowing remote attackers to delete arbitrary files and cause a denial of service (DoS). **Recommendations** For ZrLog version 2.1.15, consider disabling the delete function in the admin.api.TemplateController until a patch is available to prevent remote attackers from deleting arbitrary files. Restrict access to the TemplateController to minimize the risk of exploitation.