Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2012-4389
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud prior to 4.0.7 allows remote malicious users to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
605
VMScore
CVE-2012-4391
Cross-site request forgery (CSRF) vulnerability in core/ajax/appconfig.php in ownCloud prior to 4.0.7 allows remote malicious users to hijack the authentication of administrators for requests that edit the app configurations.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
605
VMScore
CVE-2012-4393
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud prior to 4.0.6 allow remote malicious users to hijack the authentication of arbitrary users for requests that use (1) addBookmark.php, (2) delBookmark.php, or (3) editBookmark.php in bookmarks/ajax/; (4) calen...
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
605
VMScore
CVE-2012-2397
Cross-site request forgery (CSRF) vulnerability in ownCloud prior to 3.0.3 allows remote malicious users to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences via vectors involving contacts.
Owncloud Owncloud 3.0.0
Owncloud Owncloud
Owncloud Owncloud 3.0.1
585
VMScore
CVE-2012-2270
Open redirect vulnerability in index.php (aka the Login Page) in ownCloud prior to 3.0.3 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.
Owncloud Owncloud 3.0.0
Owncloud Owncloud
Owncloud Owncloud 3.0.1
1 EDB exploit
578
VMScore
CVE-2021-33828
The files_antivirus component prior to 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection.
Owncloud Files Antivirus
578
VMScore
CVE-2020-10252
An issue exists in ownCloud prior to 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (aka Blind SSRF) or conduct a Denial Of Service attack.
Owncloud Owncloud
578
VMScore
CVE-2013-7344
Unspecified vulnerability in core/settings.php in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this issue was SPLIT from CVE-2013-0303 due to different affected versions.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 4.5.1
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 3.0.1
578
VMScore
CVE-2013-0303
Unspecified vulnerability in core/ajax/translations.php in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this entry has been SPLIT due to different affected versions. The core/settings....
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
578
VMScore
CVE-2013-2048
ownCloud prior to 5.0.6 does not properly check permissions, which allows remote authenticated users to execute arbitrary API commands via unspecified vectors. NOTE: this can be leveraged using CSRF to allow remote malicious users to execute arbitrary API commands.
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.4
Owncloud Owncloud
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »