Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 4.5.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1822
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x prior to 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the (1) quota parameter to /core/settings/ajax/setquota.php, or remote authenticated user...
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
NA
CVE-2013-1850
Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud prior to 4.0.13 and 4.5.x prior to 4.5.8 allow remote authenticated users to execute arbitrary PHP code by uploading a .htaccess file.
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.11
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.9
NA
CVE-2013-1851
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud prior to 4.0.13 and 4.5.x prior to 4.5.8, when the user_migrate application is enabled, allows remote authenticated users to import arbitrary files to the user's account via unspecified vectors.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.11
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
NA
CVE-2013-1963
The contacts application in ownCloud prior to 4.5.10 and 5.x prior to 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.7
Owncloud Owncloud
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 4.5.0
Owncloud Owncloud 5.0.4
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
NA
CVE-2013-2039
Directory traversal vulnerability in lib/files/view.php in ownCloud prior to 4.0.15, 4.5.x 4.5.11, and 5.x prior to 5.0.6 allows remote authenticated users to access arbitrary files via unspecified vectors.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 5.0.2
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.11
Owncloud Owncloud 5.0.3
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.13
Owncloud Owncloud 4.0.10
Owncloud Owncloud
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.9
Owncloud Owncloud 5.0.0
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 5.0.1
Owncloud Owncloud 4.0.5
Owncloud Owncloud 5.0.4
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.5.10
Owncloud Owncloud 4.0.9
NA
CVE-2013-2042
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud prior to 4.0.15, 4.5.x prior to 4.5.11, and 5.0.x prior to 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via the url parameter to (1) apps/bookmarks/ajax/addBookmark.php or (2) apps/bo...
Owncloud Owncloud 4.0.3
Owncloud Owncloud 5.0.2
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.11
Owncloud Owncloud 5.0.3
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.13
Owncloud Owncloud 4.0.10
Owncloud Owncloud
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.9
Owncloud Owncloud 5.0.0
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 5.0.1
Owncloud Owncloud 4.0.5
Owncloud Owncloud 5.0.4
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.5.10
Owncloud Owncloud 4.0.9
NA
CVE-2014-2049
The default Flash Cross Domain policies in ownCloud prior to 5.0.15 and 6.x prior to 6.0.2 allows remote malicious users to access user files via unspecified vectors.
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.1
Owncloud Owncloud 4.0.3
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.2
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.5.12
Owncloud Owncloud 4.0.11
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.9
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.13
Owncloud Owncloud 4.5.11
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.5.13
Owncloud Owncloud 5.0.7
Owncloud Owncloud 4.0.10
Owncloud Owncloud
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.9
Owncloud Owncloud 5.0.0
NA
CVE-2013-2150
Multiple cross-site scripting (XSS) vulnerabilities in js/viewer.js in ownCloud prior to 4.5.12 and 5.x prior to 5.0.7 allow remote malicious users to inject arbitrary web script or HTML via vectors related to shared files.
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.11
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.13
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.9
Owncloud Owncloud 4.0.14
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.16
NA
CVE-2013-2043
apps/calendar/ajax/events.php in ownCloud prior to 4.5.11 and 5.x prior to 5.0.6 does not properly check the ownership of a calendar, which allows remote authenticated users to download arbitrary calendars via the calendar_id parameter.
Owncloud Owncloud 5.0.2
Owncloud Owncloud
Owncloud Owncloud 5.0.3
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.9
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 4.5.0
Owncloud Owncloud 5.0.4
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
Owncloud Owncloud 5.0.5
NA
CVE-2013-0307
Cross-site scripting (XSS) vulnerability in settings.php in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.7 allows remote administrators to inject arbitrary web script or HTML via the group input field parameter.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »