Directory traversal vulnerability in post-edit.php in MiniCMS V1.10 allows remote malicious users to include and execute arbitrary files via the state parameter.
1234n minicms 1.10