2018-01-31 18:00:00
mitre
PUBLISHED
htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter.