A File Upload vulnerability in DedeCMS v5.7 allows a local malicious user to execute arbitrary code via a crafted payload.