An issue in the /template/edit component of HongCMS v3.0 allows malicious users to getshell.
hongcms project hongcms 3.0.0