BaijiaCMS, a Java Quest soft player from BaijiaCMS, has an arbitrary file upload vulnerability in BaijiaCMS v4, which stems from the applicationβs lack of validation of uploaded files. An attacker could exploit this vulnerability to upload malicious files to remotely execute arbitrary code.