Code-Zeng

**Name of the Vulnerable Software and Affected Versions** wityCMS version 0.6.2 **Description** The issue concerns an arbitrary file upload in the image upload component, allowing attackers to execute arbitrary code via a crafted PHP file. **Recommendations** For wityCMS version 0.6.2, update to a newer version that contains a fix for this issue, as using a crafted PHP file can lead to arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.