PHPEventCalendar Remote Command Execution Vulnerability

PHPEventCalendar Remote Command Execution Vulnerability

A vulnerability has been reported in phpEventCalendar that may allow a user of phpEventCalendar to execute commands on a vulnerable host.

User supplied values are not properly sanitized.

Commands executed via this method will be executed with the privileges of the user running the web server process. This could potentially lead to a denial of service, or a remote attacker gaining elevated privileges.