Ajax

**Name of the Vulnerable Software and Affected Versions** KwsPHP version 1.3.456 **Description** A directory traversal issue in the eskuel module's help.php file allows remote attackers to execute arbitrary commands by manipulating the `action` parameter. **Recommendations** For version 1.3.456, consider restricting access to the `action` parameter in the help.php file of the eskuel module to prevent command execution until a fix is available.