CVE-2020-21481

Name of the Vulnerable Software and Affected Versions: RGCMS version 1.06

Description: An arbitrary file upload issue allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file.

Recommendations: For RGCMS version 1.06, consider restricting file uploads to prevent the execution of arbitrary code until a patch is available. As a temporary workaround, restrict access to file upload functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.