← CVECheck
HomeVulnerabilities

CVE-2004-0016 — HIGH severity vulnerability (The calendar module for phpgroupware 0.9.14 does not enforce)

The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.

CVE IDCVE-2004-0016
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-02-03
Last modified2026-04-16
DescriptionThe calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →