CVE Vulnerabilities

CVE-2004-0016

Published: Feb 03, 2004 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The calendar module for phpgroupware 0.9.14 does not enforce the save extension feature for holiday files, which allows remote attackers to create and execute PHP files.

Affected Software

Name Vendor Start Version End Version
Phpgroupware Phpgroupware 0.9.14 0.9.14

References