Alcasar
Monthly
ALCASAR before 3.6.1 allows still_connected.php remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ALCASAR before 3.6.1 allows email_registration_back.php remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ALCASAR before 3.6.1 allows CSRF and remote code execution in activity.php. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ALCASAR before 3.6.1 allows still_connected.php remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ALCASAR before 3.6.1 allows email_registration_back.php remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ALCASAR before 3.6.1 allows CSRF and remote code execution in activity.php. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.