CVE-2021-41566

The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt