CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0016

The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 72.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.debian.org/security/2004/dsa-419
http://www.osvdb.org/6860
http://www.securityfocus.com/bid/9387
https://exchange.xforce.ibmcloud.com/vulnerabilities/13489
http://www.debian.org/security/2004/dsa-419
http://www.osvdb.org/6860
http://www.securityfocus.com/bid/9387
https://exchange.xforce.ibmcloud.com/vulnerabilities/13489

Products affected by CVE-2004-0016

Phpgroupware » Phpgroupware » Version: 0.9.14

cpe:2.3:a:phpgroupware:phpgroupware:0.9.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0016

Products

Pricing

Contact Us