MCMS v5.2.4 exists to contain an arbitrary file deletion vulnerability via the component /template/unzip.do.
mingsoft mcms 5.2.4