There is an arbitrary file upload vulnerability in FeehiCMS 2.0.8 at the head image upload, that allows attackers to execute relevant PHP code.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-21516