A file upload vulnerability exists in Getsimple CMS v3.3.10. The vulnerability allows authenticated users with low privileged accounts to upload files to the uploads directory. Malicious users can exploit this vulnerability to upload and run arbitrary code from the uploads directory.