Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.Referenceshttps://github.com/excellentoldtv/portfolioCMS-issues/issues/1
