An arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3 allows malicious users to execute arbitrary code.
8cms ljcms 4.3.-