Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 4.5.5 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-0202
Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and previous versions allows remote malicious users to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php.
Owncloud Owncloud
312
VMScore
CVE-2013-0203
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) unspecified parameters to apps/calendar/ajax/event/new.php or (2) url parameter to apps/bookmarks/a...
Owncloud Owncloud
755
VMScore
CVE-2014-2044
Incomplete blacklist vulnerability in ajax/upload.php in ownCloud prior to 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream (ADS) synt...
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 4.5.12
Owncloud Owncloud 4.0.11
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.13
Owncloud Owncloud 4.5.11
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.9
Owncloud Owncloud 4.0.14
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.16
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
1 EDB exploit
356
VMScore
CVE-2013-0304
ownCloud Server prior to 4.5.7 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to /apps/calendar/export.php. NOTE: this issue has been reported as a cross-site request forgery (CSRF) vulne...
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
409
VMScore
CVE-2013-0204
settings/personal.php in ownCloud 4.5.x prior to 4.5.6 allows remote authenticated users to execute arbitrary PHP code via crafted mount point settings.
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
445
VMScore
CVE-2013-1941
The installation routine in ownCloud Server prior to 4.0.14, 4.5.x prior to 4.5.9, and 5.0.x prior to 5.0.4 uses the time function to seed the generation of the PostgreSQL database user password, which makes it easier for remote malicious users to guess the password via a brute f...
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.11
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.12
Owncloud Owncloud
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
578
VMScore
CVE-2013-7344
Unspecified vulnerability in core/settings.php in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this issue was SPLIT from CVE-2013-0303 due to different affected versions.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 4.5.1
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 3.0.1
383
VMScore
CVE-2014-2057
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud prior to 6.0.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.2
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.5.12
Owncloud Owncloud 4.0.11
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.9
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.13
Owncloud Owncloud 4.5.11
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.5.13
Owncloud Owncloud 5.0.7
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.9
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.14
Owncloud Owncloud 4.0.14
Owncloud Owncloud 4.0.8
578
VMScore
CVE-2013-0303
Unspecified vulnerability in core/ajax/translations.php in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this entry has been SPLIT due to different affected versions. The core/settings....
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
383
VMScore
CVE-2013-0201
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) QUERY_STRING to core/lostpassword/templates/resetpassword.php, (2) mime parameter to apps/files/aja...
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud
Owncloud Owncloud 4.5.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »