This repo describe how to exploit unrestricted file upload vulnerability on SiteMagic CMS 4.4.2
Website: https://sitemagic.org/ Download: https://sitemagic.org/Download.html
The FrmUpload.class.php doesn't handle the file types that can be uploaded to the website, allowing the upload of application/x-php files such as ".php"
The file uploaded on this poc is hosted here: http://sejalivre.org/sitemagic/files/images/info.php