There is a Upload vulnerability that can create file via /admin/?/plugin/file_manager/save,more detail see:philippe/FrogCMS#13
snappyJack/CVE-2018-16373
Frog CMS 0.9.5 has an Upload > vulnerability that can create files via > /admin/?/plugin/file_manager/save