9 matches found
CVE-2014-1632
htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter...
CVE-2014-1632
CVE-2014-1632 : In Eventum, vulnerable up to version 2.3.4, the installation script/config handling allows remote code execution via the hostname parameter in /config/config.php during setup. The underlying issue is code injection due to insufficient input sanitization, enabling an attacker with ...
CVE-2014-1632
htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter...
Multiple Vulnerabilities in Eventum
Advisory ID: HTB23198 Product: Eventum Vendor: Eventum Development Team Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: January 22, 2014 without technical details Vendor Notification: January 22, 2014 Vendor Patch: January 24, 2014 Public Disclosure:...
Eventum 2.3.4 Incorrect Permissions / Code Injection Vulnerabilities
Eventum version 2.3.4 suffers from incorrect default permission and code injection vulnerabilities. Vendor: Eventum Development Team Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: January 22, 2014 without technical details Vendor Notification: January 22...
Eventum 2.3.4 - hostname Remote Code Execution
Eventum 2.3.4 - hostname Remote Code Execution Advisory ID: HTB23198 Product: Eventum Vendor: Eventum Development Team Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: January 22, 2014 without technical details Vendor Notification: January 22, 2014 Vendor...
Eventum 2.3.4 Incorrect Permissions / Code Injection
Advisory ID: HTB23198 Product: Eventum Vendor: Eventum Development Team Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: January 22, 2014 without technical details Vendor Notification: January 22, 2014 Vendor Patch: January 24, 2014 Public Disclosure:...
CVE-2014-1632
creationtimestamp| type| source ---|---|--- 2014-01-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39066...
Eventum 2.3.4 - 'hostname' Remote Code Execution
Advisory ID: HTB23198 Product: Eventum Vendor: Eventum Development Team Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: January 22, 2014 without technical details Vendor Notification: January 22, 2014 Vendor Patch: January 24, 2014 Public Disclosure:...