The AdminerEvo team only supports the last published version and the last development version (last commit).
To report a vulnerability, create a new security advisory here.
Security issues are handled with top priority. Should a report go unnoticed for more than a week, please send a message in the original report thread.
Once acknowledged, a fix should be available and a new version released within a week.
Security advisories will be made public after a fix and new version have been released, or the advisory has been declined.