CVE-2020-21359

An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding a character to the end of the uploaded file’s name.

Source: CVE-2020-21359