Unrated severityNVD Advisory· Published Feb 3, 2004· Updated Apr 16, 2026

CVE-2004-0016

Description

The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.

Affected products

PhpGroupWare/Phpgroupware
cpe:2.3:a:phpgroupware:phpgroupware:0.9.14:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.debian.org/security/2004/dsa-419nvdPatchVendor Advisory
www.securityfocus.com/bid/9387nvdVendor Advisory
www.osvdb.org/6860nvd
exchange.xforce.ibmcloud.com/vulnerabilities/13489nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000