CVE-2004-0016

Опубликовано: 03 фев. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.

Ссылки

http://www.debian.org/security/2004/dsa-419
Patch
Vendor Advisory
http://www.osvdb.org/6860
http://www.securityfocus.com/bid/9387
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/13489
http://www.debian.org/security/2004/dsa-419
Patch
Vendor Advisory
http://www.osvdb.org/6860
http://www.securityfocus.com/bid/9387
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/13489

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgroupware:phpgroupware:0.9.14:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00741

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2004-0016

debian

больше 21 года назад

The calendar module for phpgroupware 0.9.14 does not enforce the "save ...

GHSA-fwqj-284x-gfhj

github

больше 3 лет назад