Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2016-9463
Nextcloud Server prior to 9.0.54 and 10.0.1 & ownCloud Server prior to 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enabled SMB authentication component that allows authenticating users against a...
Owncloud Owncloud
Nextcloud Nextcloud Server
6.8
CVSSv2
CVE-2014-9041
The import functionality in the bookmarks application in ownCloud server prior to 5.0.18, 6.x prior to 6.0.6, and 7.x prior to 7.0.3 does not validate CSRF tokens, which allow remote malicious users to conduct CSRF attacks.
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.14
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.3
Owncloud Owncloud 6.0.4
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.16
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud 7.0.0
Owncloud Owncloud 7.0.2
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.15
6.8
CVSSv2
CVE-2014-4929
Directory traversal vulnerability in the routing component in ownCloud Server prior to 5.0.17 and 6.0.x prior to 6.0.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in a filename, related to index.php.
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.3
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.15
Owncloud Owncloud
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.8
Owncloud Owncloud 5.0.9
6.8
CVSSv2
CVE-2014-3836
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud Server prior to 6.0.3 allow remote malicious users to hijack the authentication of users for requests that (1) conduct cross-site scripting (XSS) attacks, (2) modify files, or (3) rename files via unspecified ...
Owncloud Owncloud
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.0
6.8
CVSSv2
CVE-2013-0299
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.7 allow remote malicious users to hijack the authentication of users for requests that (1) change the timezone for the user via the lat and lng parameters to apps/calenda...
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.9
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.1
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.5
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.1
Owncloud Owncloud
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
6.8
CVSSv2
CVE-2013-0300
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud 4.5.x prior to 4.5.7 allow remote malicious users to hijack the authentication of users for requests that (1) change the default view via the v parameter to apps/calendar/ajax/changeview.php, mount arbitrary (...
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.6
6.8
CVSSv2
CVE-2013-0301
Cross-site request forgery (CSRF) vulnerability in apps/calendar/ajax/settings/settimezone in ownCloud prior to 4.0.12 allows remote malicious users to hijack the authentication of users for requests that change the timezone via the timezone parameter.
Owncloud Owncloud 3.0.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.8
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.1
Owncloud Owncloud 3.0.0
Owncloud Owncloud
Owncloud Owncloud 4.0.3
6.8
CVSSv2
CVE-2014-2047
Session fixation vulnerability in ownCloud prior to 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote malicious users to hijack web sessions via unspecified vectors.
Owncloud Owncloud
Owncloud Owncloud 6.0.0
6.8
CVSSv2
CVE-2013-6403
The admin page in ownCloud prior to 5.0.13 allows remote malicious users to bypass intended access restrictions via unspecified vectors, related to MariaDB.
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.8
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.9
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.6
6.8
CVSSv2
CVE-2012-4753
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud prior to 4.0.5 allow remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Owncloud Owncloud
Owncloud Owncloud 3.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.3
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »