ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s=captcha.
thinkphp50-cms project thinkphp50-cms 1.0