Vulnerabilities > Eventum Project

DATE CVE VULNERABILITY TITLE RISK
2018-01-31 CVE-2014-1632 Permission Issues vulnerability in Eventum Project Eventum
htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter.
network
eventum-project CWE-275
critical
9.3
2018-01-31 CVE-2014-1631 Permission Issues vulnerability in Eventum Project Eventum
Eventum before 2.3.5 allows remote attackers to reinstall the application via direct request to /setup/index.php.
network
low complexity
eventum-project CWE-275
5.0