An arbitrary file upload vulnerability in the component /course/api/upload/pic of Roncoo Education v9.0.0 allows attackers to execute arbitrary code via a crafted file.Referenceshttps://github.com/roncoo/roncoo-education/issues/16
