There is a file inclusion vulnerability in the template management module in UCMS 1.6
ucms project ucms 1.6