CVE-2024-38293 Information

Description

ALCASAR before 3.6.1 allows CSRF and remote code execution in activity.php.

Reference

https://adullact.net/frs/download.php/file/8930/CHANGELOG.md https://alcasar.net/download