Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2004-0016

The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.

PublishedFeb 03, 2004, 05:00

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://www.debian.org/security/2004/dsa-419
http://www.osvdb.org/6860
http://www.securityfocus.com/bid/9387
https://exchange.xforce.ibmcloud.com/vulnerabilities/13489

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

7.5

Vector String

AV:N/AC:L/Au:N/C:P/I:P/A:P

Base SeverityUnknown

Version

2.0

Attack Vector (AV)