CMSeasy website Path Vulnerability and repair

Yitong enterprise website system, also known as Yitong enterprise website program, is the first marketing enterprise website management system developed by Yitong to provide enterprise website templates for free in China, the system front-end generates html, SEO-compliant, online customer service, potential Customer tracking, convenient enterprise website template creation, search engine promotion, and other functions of the enterprise website system.
Official Website: http://www.cmseasy.cn/
The vulnerability appears in the menu_top.php file. Check the code.

<? Php // Copyright (C) 2009-2011 www.cmseasy.cn, All rights reserved.
$ OOO0O0O00 =__ FILE __; $ OOO000000 = urldecode (% 74% 68% 36% 73% 62% 65% 68% 71% 6c % 61% 34% 6f % 5f % 63% 73% 61% 64% 6e % 72 ); $ OO00O0000 = 92; $ ooo=o0 = $ ooo=00 {4 }. $ OOO000000 {9 }. $ OOO000000 {3 }. $ ooo=00 {5}; $ ooo=o0. = $ OOO000000 {2 }. $ OOO000000 {10 }. $ OOO000000 {13 }. $ OOO000000 {16}; $ ooo=o0. = $ ooo=o0 {3 }. $ OOO000000 {11 }. $ OOO000000 {12 }. $ ooo=o0 {7 }. $ ooo1_00 {5}; $ o0o1_o0 = ooo1_o0; eval ($ o0o1_o0 (JE9PME9PMDAwMD0kT09PMDAw
MDAwezE3fS4kT09PMDAwMDAwezEyfS4kT09PMDAwMDAwezE4fS4kT
09PMDAwMDAwezV9LiRPT08wMDAwMDB7MTl9O2lmKCEwKSRPMDAwTzBPM
Bytes
Bytes
Bytes
Bytes
Bytes
Bytes
Bytes
Bytes
KrLycpKSk7ZXZhbCgkT08wME8wME8wKTs =); return ;?>
Kr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4LT09NHr8XTzEX
Bytes
Bytes
Bytes
Bytes
D6J5pZYkz0 + fbkSKjpjFMaifoAPk2lVcoa4R2lVcoa4R21vct9jcBxpfMAmhUXYtJL7
This vulnerability exists on the official website.
There are many other paths...
Lib/MoD/celive/menu_top.php
Lib/default/ballot_act.php
Lib/default/special_act.php

Fix: Nothing to say