Ucms · Ucms · CVE-2022-35426
**Name of the Vulnerable Software and Affected Versions**
UCMS version 1.6
**Description**
The issue allows for arbitrary file upload via the `ucms/sadmin/file` PHP file.
**Recommendations**
For version 1.6, consider restricting access to the `ucms/sadmin/file` PHP file to minimize the risk of exploitation.