CVE-2020-17452
flatCore before 1.5.7 allows upload and execution of a .php file by an admin.
Date published : 2020-08-09
https://lists.openwall.net/full-disclosure/2020/08/07/1
https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-flatcore-cms/