Attackers are actively exploiting CVE-2026-48939, an unrestricted file upload vulnerability in iCagenda, to upload malicious PHP code and achieve remote code execution on affected web servers.
exploited
PoC
iCagenda +16
web-application
rce
file-upload
cve
1r
2t
5c
5i
updated