Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 4.0.5 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2012-5336
lib/base.php in ownCloud prior to 4.0.8 does not properly validate the user_id session variable, which allows remote authenticated users to read arbitrary files via vectors related to WebDAV.
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.3
4.3
CVSSv2
CVE-2012-5056
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server prior to 4.0.8 allow remote malicious users to inject arbitrary web script or HTML via the (1) readyCallback parameter to apps/files_odfviewer/src/webodf/webodf/flashput/PUT.swf, the (2) root parameter to apps...
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.1
4.3
CVSSv2
CVE-2012-5057
CRLF injection vulnerability in ownCloud Server prior to 4.0.8 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter.
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.2
Owncloud Owncloud
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.3
4
CVSSv2
CVE-2012-4390
(1) apps/calendar/appinfo/remote.php and (2) apps/contacts/appinfo/remote.php in ownCloud prior to 4.0.7 allows remote authenticated users to enumerate the registered users via unspecified vectors.
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.1
Owncloud Owncloud 3.0.0
Owncloud Owncloud
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.2
6.8
CVSSv2
CVE-2012-4389
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud prior to 4.0.7 allows remote malicious users to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file.
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.1
Owncloud Owncloud 3.0.3
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.1
Owncloud Owncloud
Owncloud Owncloud 3.0.0
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.0
6.8
CVSSv2
CVE-2012-4391
Cross-site request forgery (CSRF) vulnerability in core/ajax/appconfig.php in ownCloud prior to 4.0.7 allows remote malicious users to hijack the authentication of administrators for requests that edit the app configurations.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.5
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.3
Owncloud Owncloud 3.0.1
4.3
CVSSv2
CVE-2013-0201
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) QUERY_STRING to core/lostpassword/templates/resetpassword.php, (2) mime parameter to apps/files/aja...
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.1
5
CVSSv2
CVE-2013-0302
Unspecified vulnerability in ownCloud Server prior to 4.0.12 allows remote malicious users to obtain sensitive information via unspecified vectors related to "inclusion of the Amazon SDK testing suite." NOTE: due to lack of details, it is not clear whether the issue exi...
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.8
6.5
CVSSv2
CVE-2012-5610
Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud prior to 4.0.9 and 4.5.x prior to 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a special crafted name.
Owncloud Owncloud 4.0.6
Owncloud Owncloud 3.0.3
Owncloud Owncloud 3.0.1
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.1
Owncloud Owncloud 3.0.0
Owncloud Owncloud 4.0.7
Owncloud Owncloud
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.2
4.3
CVSSv2
CVE-2012-5606
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud prior to 4.0.9 and 4.5.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) file name to apps/files_versions/js/versions.js or (2) apps/files/js/filelist.js; or (3) event title to 3rdpart...
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 4.0.7
Owncloud Owncloud
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.1
Owncloud Owncloud 3.0.3
Owncloud Owncloud 3.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »