CVE 2014-1632

htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter.

Related bugs and status

CVE-2014-1632 (Candidate) is related to these bugs:

Bug #1271499: Eventum Security Vulnerabilities Notification

Summary				In	Importance	Status
	1271499	Eventum Security Vulnerabilities Notification		Eventum	High	Fix Released

See the

CVE page on Mitre.org for more details.