← Voltar para CVEs
CVE-2004-0016
N/ADescricao
The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado2/3/2004
Ultima modificacao4/16/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
phpgroupware:phpgroupware
Referencias
http://www.debian.org/security/2004/dsa-419(cve@mitre.org)
http://www.osvdb.org/6860(cve@mitre.org)
http://www.securityfocus.com/bid/9387(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/13489(cve@mitre.org)
http://www.debian.org/security/2004/dsa-419(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/6860(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/9387(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/13489(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.