Eventum Project: Security Vulnerabilities
Eventum before 2.3.5 allows remote attackers to reinstall the application via direct request to /setup/index.php.
CVSS Score
7.5
EPSS Score
0.276
Published
2018-01-31
htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter.
CVSS Score
8.1
EPSS Score
0.169
Published
2018-01-31
Page 2