Key Vulnerability Information from the Screenshot Title: SyCms 1.0 Unrestricted Upload Description: - The file upload/save functionality in the SyCms content management system's administrative panel lacks necessary security validation when processing user-provided parameters. Authenticated administrative users can exploit this to write files with arbitrary content to arbitrary paths on the server, potentially leading to remote code execution (RCE). Source: - https://gitee.com/shanyu/SyCms/issues/IDCEWG User: - formanagain (UID 93347) Submission Date: - 12/11/2025 at 09:48 AM Moderation Date: - 12/27/2025 at 10:18 AM Status: - Accepted VulDB Entry: - 338508 Affected Versions: - shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921 Vulnerable File/Method: - Administrative Panel FileManageController.class.php code injection Points: - 20