An arbitrary file upload vulnerability in /admin/media/upload of ZKEACMS V3.2.0 allows malicious users to execute arbitrary code via a crafted HTML file.
zkea zkeacms 3.2.0