CVE-2019-18204
Zucchetti InfoBusiness before and including 4.4.1 allows any authenticated user to upload .php files in order to achieve code execution.
Date published : 2019-10-30
https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=42