Jeakinscheung

**Name of the Vulnerable Software and Affected Versions** ESPCMS P8 **Description** The issue is an authenticated remote code execution vulnerability. It occurs via the `fetch filename` function located at `espcms publicespcms templatesESPCMS Templates`. **Recommendations** For ESPCMS P8, consider disabling the `fetch filename` function as a temporary workaround until a patch is available. Restrict access to the `espcms publicespcms templatesESPCMS Templates` directory to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.