A Cross-Site Request Forgery (CSRF) in MiniCMS v1.11 allows malicious users to arbitrarily delete local .dat files via clicking on a malicious link.
1234n minicms 1.11