ThinkAdmin is a general purpose backend management system based on the ThinkPHP framework. A security vulnerability exists in ThinkAdmin version v6.1.53, which originates from allowing arbitrary file uploads. An attacker can exploit the vulnerability to execute arbitrary code via a specially crafted Zip file.