Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 9.0.4 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2016-9461
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on a WebDAV COPY action. This allowed an authenticated attacker with access...
Owncloud Owncloud
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2016-9459
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are vulnerable to a log pollution vulnerability potentially leading to a local XSS. The download log functionality in the admin screen is delivering the log in JSON format to the end-user. The file was delivere...
Nextcloud Nextcloud Server
Owncloud Owncloud
5
CVSSv2
CVE-2016-9460
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are vulnerable to a content-spoofing attack in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and...
Nextcloud Nextcloud
Owncloud Owncloud
4
CVSSv2
CVE-2016-9462
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying whether a user has only read-only access to a share. Thus a user with read-onl...
Owncloud Owncloud
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2017-5865
The password reset functionality in ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 sends different error messages depending on whether the username is valid, which allows remote malicious users to enumerate user names via a l...
Owncloud Owncloud 9.0.2
Owncloud Owncloud 9.0.3
Owncloud Owncloud 9.0.4
Owncloud Owncloud 9.0.5
Owncloud Owncloud 9.1.1
Owncloud Owncloud 9.0.0
Owncloud Owncloud 8.2.2
Owncloud Owncloud 8.2.4
Owncloud Owncloud 9.1.0
Owncloud Owncloud 8.2.5
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.7
Owncloud Owncloud 8.2.8
Owncloud Owncloud
Owncloud Owncloud 9.1.2
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.3
4
CVSSv2
CVE-2017-5866
The autocomplete feature in the E-Mail share dialog in ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 allows remote authenticated users to obtain sensitive information via unspecified vectors.
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.5
Owncloud Owncloud 8.2.2
Owncloud Owncloud 8.2.3
Owncloud Owncloud 9.0.0
Owncloud Owncloud 9.1.1
Owncloud Owncloud 9.0.5
Owncloud Owncloud 8.2.4
Owncloud Owncloud 8.2.7
Owncloud Owncloud 9.0.2
Owncloud Owncloud
Owncloud Owncloud 9.0.3
Owncloud Owncloud 9.0.4
Owncloud Owncloud 8.2.0
Owncloud Owncloud 8.2.1
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.1.0
Owncloud Owncloud 9.1.2
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.8
4
CVSSv2
CVE-2017-5867
ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 allows remote authenticated users to cause a denial of service (server hang and logfile flooding) via a one bit BMP file.
Owncloud Owncloud 9.0.0
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.0.2
Owncloud Owncloud
Owncloud Owncloud 9.0.3
Owncloud Owncloud 9.1.2
Owncloud Owncloud 9.0.5
Owncloud Owncloud 8.2.5
Owncloud Owncloud 8.2.3
Owncloud Owncloud 9.1.0
Owncloud Owncloud 9.1.1
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.7
Owncloud Owncloud 8.2.8
Owncloud Owncloud 8.2.0
Owncloud Owncloud 9.0.4
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.2
Owncloud Owncloud 8.2.4
Owncloud Owncloud 8.2.1
3.5
CVSSv2
CVE-2016-7419
Cross-site scripting (XSS) vulnerability in share.js in the gallery application in ownCloud Server prior to 9.0.4 and Nextcloud Server prior to 9.0.52 allows remote authenticated users to inject arbitrary web script or HTML via a crafted directory name.
Nextcloud Nextcloud Server
Owncloud Owncloud
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started