A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed for 4.7.0. This vulnerability allowed for remote code execution through an authenticated file upload via the Settings Panel>Import website function.
https://www.exploit-db.com/exploits/48862
https://sourceforge.net/projects/seopanel/files/seopanel.v.4.6.0.zip/download