Portfolio CMS Competition Conditions Vulnerability

portfolioCMS is a Bootstrap portfolio website with an administration panel. portfolioCMS version 1.0.0 is vulnerable to a competitive condition. A remote attacker can execute arbitrary code via the fileExt parameter in localhost/admin/uploads.php.