Critical Vulnerability Information

Vulnerability Overview
Vendor: YiFeng
Product: YiFeng CMS
Version: 2.0.5
Download Link: http://www.yifengcms.com
Vulnerability Type: File Upload Vulnerability

Vulnerability Description
File Path:
Core Code Location: method
Issue: During file upload processing, the final filename is controlled via and , enabling arbitrary file upload.

Analysis
Critical Code:
Issue: When the MIME check fails, the program displays an error message but does not delete the malicious file that has already been created, leaving a persistent backdoor.

Vulnerability Reproduction Steps
1. Upload Test: Control the final filename using and .
2. Successful Upload: Upload a file using a specific header.
3. Verify Uploaded File: Access the uploaded file to confirm the vulnerability exists.

POC (Proof of Concept)

Summary
This vulnerability allows attackers to bypass security checks by manipulating the filename and type of uploaded files, enabling arbitrary file upload, including malicious scripts, which leads to arbitrary code execution on the target system.
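As an added example (not code from this advisory or from YiFeng CMS), the following Python contrasts the write-then-check ordering described in the Analysis section with a handler that validates everything before anything persists and names the stored file itself. The allow-list, the MIME and magic-byte rules, and the sample inputs are constructed assumptions.

```python
import os
import tempfile
import uuid

# Constructed allow-list: extension -> (MIME type, leading magic bytes); assumed, not YiFeng's rules.
ALLOWED = {
    "png": ("image/png", b"\x89PNG\r\n\x1a\n"),
}

def vulnerable_store(upload_dir, user_name, content_type, data):
    """Ordering the advisory describes: write under the caller-chosen name first,
    check MIME afterwards, and on failure only report an error (file persists)."""
    path = os.path.join(upload_dir, os.path.basename(user_name))
    with open(path, "wb") as f:
        f.write(data)
    if not content_type.startswith("image/"):
        return False, "invalid MIME type"  # error shown, but the file stays on disk
    return True, path

def hardened_store(upload_dir, user_name, content_type, data):
    """Validate before anything persists; the stored name is server-generated."""
    ext = os.path.basename(user_name).rsplit(".", 1)[-1].lower()
    if ext not in ALLOWED:
        return False, "extension not allowed"
    mime, magic = ALLOWED[ext]
    if content_type != mime or not data.startswith(magic):
        return False, "content does not match declared type"
    fd, tmp = tempfile.mkstemp(dir=upload_dir)  # temp file, renamed only on success
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
        final = os.path.join(upload_dir, f"{uuid.uuid4().hex}.{ext}")
        os.replace(tmp, final)
    except BaseException:
        os.unlink(tmp)  # any failure after creation leaves nothing behind
        raise
    return True, final

def run_demo():
    """Constructed inputs: non-image bytes under a script name, then a real PNG header."""
    bogus, png = b"constructed non-image bytes", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    results = {}
    for label, handler in (("vulnerable", vulnerable_store), ("hardened", hardened_store)):
        d = tempfile.mkdtemp()
        ok, _ = handler(d, "script.php", "text/plain", bogus)
        results[label] = (ok, sorted(os.listdir(d)))  # what is left after rejection
    d = tempfile.mkdtemp()
    ok, final = hardened_store(d, "photo.png", "image/png", png)
    results["valid"] = (ok, final.endswith(".png") and os.path.exists(final))
    return results
```

The key detection point for an incident responder is the same as the fix: after a rejected upload, the upload directory should contain nothing new.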