CVE-2018-20526
Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php.
Date published : 2019-03-18
https://www.exploit-db.com/exploits/46085/
http://packetstormsecurity.com/files/151033/Roxy-Fileman-1.4.5-File-Upload-Directory-Traversal.html