CVE-2020-23691

YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php.