Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 4.5.6 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2013-0300
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud 4.5.x prior to 4.5.7 allow remote malicious users to hijack the authentication of users for requests that (1) change the default view via the v parameter to apps/calendar/ajax/changeview.php, mount arbitrary (...
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.6
383
VMScore
CVE-2013-0298
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x prior to 4.5.7 allow remote malicious users to inject arbitrary web script or HTML via (1) a crafted iCalendar file to the calendar application, the (2) dir or (3) file parameter to apps/files_pdfviewer/viewer....
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.0
187
VMScore
CVE-2013-1822
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x prior to 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the (1) quota parameter to /core/settings/ajax/setquota.php, or remote authenticated user...
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
356
VMScore
CVE-2013-1963
The contacts application in ownCloud prior to 4.5.10 and 5.x prior to 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.0
578
VMScore
CVE-2013-2046
SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x prior to 4.5.11 and 5.x prior to 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.9
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.10
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.2
356
VMScore
CVE-2013-2043
apps/calendar/ajax/events.php in ownCloud prior to 4.5.11 and 5.x prior to 5.0.6 does not properly check the ownership of a calendar, which allows remote authenticated users to download arbitrary calendars via the calendar_id parameter.
Owncloud Owncloud 4.5.0
Owncloud Owncloud 5.0.0
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.9
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.1
Owncloud Owncloud
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.5
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.6
312
VMScore
CVE-2013-0307
Cross-site scripting (XSS) vulnerability in settings.php in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.7 allows remote administrators to inject arbitrary web script or HTML via the group input field parameter.
Owncloud Owncloud 3.0.0
Owncloud Owncloud
Owncloud Owncloud 4.0.3
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.8
Owncloud Owncloud 3.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
312
VMScore
CVE-2013-0297
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.7 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) site_name or (2) site_url parameter to apps/external/ajax/setsites.php.
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 3.0.0
Owncloud Owncloud
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.8
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 3.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.4
605
VMScore
CVE-2013-0299
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.7 allow remote malicious users to hijack the authentication of users for requests that (1) change the timezone for the user via the lat and lng parameters to apps/calenda...
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.9
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.1
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.5
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.1
Owncloud Owncloud
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
578
VMScore
CVE-2013-1850
Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud prior to 4.0.13 and 4.5.x prior to 4.5.8 allow remote authenticated users to execute arbitrary PHP code by uploading a .htaccess file.
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.7
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.11
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 3.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »