Unrestricted File Upload Vulnerability in phpgroupware 0.9.14 Calendar Module
CVE-2004-0016 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.
Learn more about our Web Application Penetration Testing UK.