[feehi/cms] Feehi CMS arbitrary code execution via crafted PHP file

An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-34971
• https://github.com/liufee/cms/issues/62
• https://github.com/advisories/GHSA-jxg9-2ch7-f552