An issue in SeaCMS v.12.8 allows an malicious user to execute arbitrary code via the admin_ Weixin.php component.
seacms seacms