An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via renaming a PHP file to a SVG format.
https://gist.github.com/CongSec/3cf968621f71a7da35dcc9b8f0b29bb2