A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 exists to allow malicious users to execute arbitrary code via uploading a crafted PHP file.
baigo baigo cms 3.0