Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 5.0.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2013-2045
SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x prior to 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.3
5.8
CVSSv2
CVE-2013-2044
Open redirect vulnerability in the Login Page (index.php) in ownCloud prior to 5.0.6 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.3
Owncloud Owncloud
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.4
5.5
CVSSv2
CVE-2014-3835
ownCloud Server prior to 5.0.16 and 6.0.x prior to 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vectors.
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.1
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud
Owncloud Owncloud 5.0.8
5
CVSSv2
CVE-2014-9043
The user_ldap (aka LDAP user and group backend) application in ownCloud prior to 5.0.18, 6.x prior to 6.0.6, and 7.x prior to 7.0.3 allows remote malicious users to bypass authentication via a null byte in the password and a valid user name, which triggers an unauthenticated bind...
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.9
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.3
Owncloud Owncloud
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 7.0.2
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.15
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.8
Owncloud Owncloud 6.0.5
Owncloud Owncloud 7.0.1
Owncloud Owncloud 5.0.0
5
CVSSv2
CVE-2014-9045
The FTP backend in user_external in ownCloud Server prior to 5.0.18 and 6.x prior to 6.0.6 allows remote malicious users to bypass intended authentication requirements via a crafted password.
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.14
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.3
Owncloud Owncloud 6.0.4
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.16
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.15
Owncloud Owncloud
Owncloud Owncloud 5.0.8
5
CVSSv2
CVE-2014-9046
The OC_Util::getUrlContent function in ownCloud Server prior to 5.0.18, 6.x prior to 6.0.6, and 7.x prior to 7.0.3 allows remote malicious users to read arbitrary files via a file:// protocol.
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.14
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.3
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.15
Owncloud Owncloud
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.8
Owncloud Owncloud 6.0.5
Owncloud Owncloud 7.0.1
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.16
5
CVSSv2
CVE-2014-9048
The documents application in ownCloud Server 6.x prior to 6.0.6 and 7.x prior to 7.0.3 allows remote malicious users to bypass the password-protection for shared files via the API.
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.14
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.3
Owncloud Owncloud 6.0.4
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.16
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud 7.0.0
Owncloud Owncloud 7.0.2
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.15
5
CVSSv2
CVE-2013-1941
The installation routine in ownCloud Server prior to 4.0.14, 4.5.x prior to 4.5.9, and 5.0.x prior to 5.0.4 uses the time function to seed the generation of the PostgreSQL database user password, which makes it easier for remote malicious users to guess the password via a brute f...
Owncloud Owncloud 4.0.11
Owncloud Owncloud
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.12
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
5
CVSSv2
CVE-2013-2086
The configuration loader in ownCloud 5.0.x prior to 5.0.6 allows remote malicious users to obtain CSRF tokens and other sensitive information by reading an unspecified JavaScript file.
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
5
CVSSv2
CVE-2014-2049
The default Flash Cross Domain policies in ownCloud prior to 5.0.15 and 6.x prior to 6.0.2 allows remote malicious users to access user files via unspecified vectors.
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.0
Owncloud Owncloud 5.0.13
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.11
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.12
Owncloud Owncloud 4.0.10
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.9
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.0
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »