LightCMS v1.3.7 exists to contain a remote code execution (RCE) vulnerability via the image:make function.
lightcms project lightcms 1.3.7