Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel.
https://vikaran101.medium.com/codoforum-v5-1-authenticated-rce-my-first-cve-f49e19b8bc
https://github.com/Vikaran101/CVE-2022-31854/blob/main/exploit.py
http://packetstormsecurity.com/files/167782/CodoForum-5.1-Remote-Code-Execution.html