A remote code execution (RCE) vulnerability in the Template Management function of MCMS v5.2.4 allows malicious users to execute arbitrary code via a crafted payload.
mingsoft mcms 5.2.4