Lucene search
K

8 matches found

CVE
CVE
added 2018/01/31 6:0 p.m.65 views

CVE-2014-1631

CVE-2014-1631 affects Eventum prior to 2.3.5. The root cause is incorrect default permissions in the installation workflow (setup/index.php) allowing remote reinstall, paired with potential code injection through /config/config.php during setup. Affected versions include Eventum 2.3.4 (and earlie...

7.5CVSS7.6AI score0.09472EPSS
Exploits5References4Affected Software1
securityvulns
securityvulns
added 2014/02/03 12:0 a.m.99 views

Multiple Vulnerabilities in Eventum

Advisory ID: HTB23198 Product: Eventum Vendor: Eventum Development Team Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: January 22, 2014 without technical details Vendor Notification: January 22, 2014 Vendor Patch: January 24, 2014 Public Disclosure:...

9.3CVSS0.2AI score0.10683EPSS
Exploits6
0day.today
0day.today
added 2014/01/29 12:0 a.m.74 views

Eventum 2.3.4 Incorrect Permissions / Code Injection Vulnerabilities

Eventum version 2.3.4 suffers from incorrect default permission and code injection vulnerabilities. Vendor: Eventum Development Team Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: January 22, 2014 without technical details Vendor Notification: January 22...

5.5CVSS0.4AI score0.10683EPSS
Exploits6
Exploit DB
Exploit DB
added 2014/01/28 12:0 a.m.66 views

Eventum 2.3.4 - 'hostname' Remote Code Execution

Advisory ID: HTB23198 Product: Eventum Vendor: Eventum Development Team Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: January 22, 2014 without technical details Vendor Notification: January 22, 2014 Vendor Patch: January 24, 2014 Public Disclosure:...

9.3CVSS7.8AI score0.10683EPSS
Exploits6
exploitpack
exploitpack
added 2014/01/28 12:0 a.m.98 views

Eventum 2.3.4 - hostname Remote Code Execution

Eventum 2.3.4 - hostname Remote Code Execution Advisory ID: HTB23198 Product: Eventum Vendor: Eventum Development Team Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: January 22, 2014 without technical details Vendor Notification: January 22, 2014 Vendor...

9.3CVSS8.1AI score0.10683EPSS
Exploits6
Packet Storm
Packet Storm
added 2014/01/28 12:0 a.m.58 views

Eventum 2.3.4 Incorrect Permissions / Code Injection

Advisory ID: HTB23198 Product: Eventum Vendor: Eventum Development Team Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: January 22, 2014 without technical details Vendor Notification: January 22, 2014 Vendor Patch: January 24, 2014 Public Disclosure:...

5.5CVSS7.8AI score0.10683EPSS
Exploits6
Circl
Circl
added 2014/01/27 12:0 a.m.40 views

CVE-2014-1631

creationtimestamp| type| source ---|---|--- 2014-01-27 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39065 2014-01-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39066...

7.5CVSS6.8AI score0.09472EPSS
Exploits5References2
htbridge
htbridge
added 2014/01/22 12:0 a.m.43 views

Multiple Vulnerabilities in Eventum

High-Tech Bridge Security Research Lab discovered vulnerability in Eventum, which can be exploited to reinstall and compromise vulnerable application. 1 Incorrect Default Permissions in Eventum: CVE-2014-1631 The vulnerability exists due to incorrect default permission set for installation script...

10CVSS1.3AI score0.10683EPSS
Exploits6Affected Software1
Rows per page
Query Builder