Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 3.0.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2012-5610
Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud prior to 4.0.9 and 4.5.x prior to 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a special crafted name.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
6.5
CVSSv2
CVE-2012-5609
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud prior to 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted mount.php file in a ZIP file.
Owncloud Owncloud 4.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
5.8
CVSSv2
CVE-2012-2270
Open redirect vulnerability in index.php (aka the Login Page) in ownCloud prior to 3.0.3 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.
Owncloud Owncloud 3.0.0
Owncloud Owncloud
Owncloud Owncloud 3.0.1
1 EDB exploit
5
CVSSv2
CVE-2014-2049
The default Flash Cross Domain policies in ownCloud prior to 5.0.15 and 6.x prior to 6.0.2 allows remote malicious users to access user files via unspecified vectors.
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.1
Owncloud Owncloud 4.0.3
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.2
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.5.12
Owncloud Owncloud 4.0.11
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.9
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.13
Owncloud Owncloud 4.5.11
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.5.13
Owncloud Owncloud 5.0.7
Owncloud Owncloud 4.0.10
Owncloud Owncloud
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.9
Owncloud Owncloud 5.0.0
5
CVSSv2
CVE-2012-5607
The "Lost Password" reset functionality in ownCloud prior to 4.0.9 and 4.5.0 does not properly check the security token, which allows remote malicious users to change an accounts password via unspecified vectors related to a "Remote Timing Attack."
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
5
CVSSv2
CVE-2012-4752
appconfig.php in ownCloud prior to 4.0.6 does not properly restrict access, which allows remote authenticated users to edit app configurations via unspecified vectors. NOTE: this can be leveraged by unauthenticated remote attackers using CVE-2012-4393.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
4.3
CVSSv2
CVE-2014-2057
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud prior to 6.0.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.2
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.5.12
Owncloud Owncloud 4.0.11
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.9
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.13
Owncloud Owncloud 4.5.11
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.5.13
Owncloud Owncloud 5.0.7
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.9
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.14
Owncloud Owncloud 4.0.14
Owncloud Owncloud 4.0.8
4.3
CVSSv2
CVE-2013-1942
Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer prior to 2.2.20, as used in ownCloud Server prior to 5.0.4 and other products, allow remote malicious users to inject arbitrary web script or HTML vi...
Happyworm Jplayer 2.0.1
Happyworm Jplayer 2.1.2
Happyworm Jplayer
Happyworm Jplayer 0.2.5
Happyworm Jplayer 2.0.29
Happyworm Jplayer 2.2.4
Happyworm Jplayer 2.0.22
Happyworm Jplayer 2.2.18
Happyworm Jplayer 2.0.23
Happyworm Jplayer 2.2.14
Happyworm Jplayer 1.1.1
Happyworm Jplayer 0.2.4
Happyworm Jplayer 2.0.14
Happyworm Jplayer 2.0.3
Happyworm Jplayer 2.2.5
Happyworm Jplayer 2.0.33
Happyworm Jplayer 2.2.17
Happyworm Jplayer 2.1.0
Happyworm Jplayer 2.0.34
Happyworm Jplayer 1.2.0
Happyworm Jplayer 2.0.9
Happyworm Jplayer 2.0.31
1 EDB exploit
4.3
CVSSv2
CVE-2012-5606
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud prior to 4.0.9 and 4.5.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) file name to apps/files_versions/js/versions.js or (2) apps/files/js/filelist.js; or (3) event title to 3rdpart...
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
4.3
CVSSv2
CVE-2012-4394
Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js in ownCloud prior to 4.0.5 allows remote malicious users to inject arbitrary web script or HTML via the file parameter.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »