CVE-2019-10238

Sitemagic CMS v4.4 has XSS in SMFiles/FrmUpload.class.php via the filename parameter.
Source: NIST
CVE-2019-10238