An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows malicious users to execute arbitrary code via a crafted PHP file.
creatiwity witycms 0.6.2