Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.777
EPSS Ranking 98.9%