Vulnerabilities > Eventum Project > Eventum
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-31 | CVE-2014-1632 | Permission Issues vulnerability in Eventum Project Eventum htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter. | 9.3 |
| 2018-01-31 | CVE-2014-1631 | Permission Issues vulnerability in Eventum Project Eventum Eventum before 2.3.5 allows remote attackers to reinstall the application via direct request to /setup/index.php. | 5.0 |