Z-BlogPHP v1.6.1.2100 exists to contain an arbitrary file deletion vulnerability via \app_del.php.
zblogcn z-blogphp 1.6.1.2100