MidnightBSD

Advisories for alcasar

CVE-2024-38293

ALCASAR before 3.6.1 allows CSRF and remote code execution in activity.php.

Products Affected

Vendor Product Version
alcasar alcasar *
CVE-2024-38294

ALCASAR before 3.6.1 allows email_registration_back.php remote code execution.

Products Affected

Vendor Product Version
alcasar alcasar *
CVE-2024-38295

ALCASAR before 3.6.1 allows still_connected.php remote code execution.

Products Affected

Vendor Product Version
alcasar alcasar *