Fengzun

**Name of the Vulnerable Software and Affected Versions** textpattern cms version 4.8.8 **Description** There is an arbitrary file upload vulnerability in the background of textpattern cms, which leads to the loss of server permissions. **Recommendations** For textpattern cms version 4.8.8, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting file upload capabilities to minimize the risk of exploitation.