Name of the Vulnerable Software and Affected Versions:

Zavy86 WikiDocs versions through 1.0.77

Description:

A critical issue exists in Zavy86 WikiDocs that allows for path traversal. The vulnerability is located in the `image drop upload ajax`/`image delete ajax` function within the `submit.php` file. The attack can be initiated remotely.

Recommendations:

Upgrade to version 1.0.78.