Kiwi865

**Name of the Vulnerable Software and Affected Versions** FeehiCMS version 2.1.1 **Description** FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes without sufficient validation. An attacker can upload a crafted PHP file, causing the application or web server to execute it, resulting in remote code execution (RCE). The issue resides in Ad Management. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.