Yccms is a Php-based lightweight CMS builder from the Yccms team. yccms 3.3 has a file upload vulnerability, which stems from an error in the xhUp functionβs determination of request parameters and can be exploited by attackers to cause remote code execution.