Public CVE-2019-8290 disclosure

Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal.