Aecous

**Name of the Vulnerable Software and Affected Versions** itechyou dreamer CMS version 4.1.3 **Description** A Directory Traversal issue allows a remote attacker to execute arbitrary code via the `themePath` in the uploaded template function. **Recommendations** For itechyou dreamer CMS version 4.1.3, update the software to a version that fixes this issue, or as a temporary workaround, consider restricting access to the uploaded template function to minimize the risk of exploitation.