Gsir

**Name of the Vulnerable Software and Affected Versions** Event Management System version 1.0 **Description** The issue allows attackers to execute arbitrary code via a crafted PHP file, exploiting an arbitrary file upload vulnerability in the /Royal Event/update image.php component. **Recommendations** For Event Management System version 1.0, as a temporary workaround, consider disabling the /Royal Event/update image.php component until a patch is available. Restrict access to this component to minimize the risk of exploitation. Avoid using this component to upload files until the issue is resolved.