Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2017-9338
Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server prior to 8.2.12, 9.0.x prior to 9.0.10, 9.1.x prior to 9.1.6, and 10.0.x prior to 10.0.2. To be exploitable a user has to write or paste malicious content into the search dialogue.
Owncloud Owncloud
6.1
CVSSv3
CVE-2017-8896
ownCloud Server prior to 8.2.12, 9.0.x prior to 9.0.10, 9.1.x prior to 9.1.6, and 10.0.x prior to 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.
Owncloud Owncloud
5.4
CVSSv3
CVE-2017-0891
Nextcloud Server prior to 9.0.58 and 10.0.5 and 11.0.3 are vulnerable to an inadequate escaping of error messages leading to XSS vulnerabilities in multiple components.
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2016-9460
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are vulnerable to a content-spoofing attack in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and...
Nextcloud Nextcloud
Owncloud Owncloud
5.3
CVSSv3
CVE-2016-9468
Nextcloud Server prior to 9.0.54 and 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. The exception message displayed on the DAV endpoints contained partially user-controllable input leading to a potential misrepresentation of inf...
Owncloud Owncloud
Nextcloud Nextcloud Server
6.1
CVSSv3
CVE-2016-9459
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are vulnerable to a log pollution vulnerability potentially leading to a local XSS. The download log functionality in the admin screen is delivering the log in JSON format to the end-user. The file was delivere...
Owncloud Owncloud
Nextcloud Nextcloud Server
4.3
CVSSv3
CVE-2016-9461
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on a WebDAV COPY action. This allowed an authenticated attacker with access...
Owncloud Owncloud
Nextcloud Nextcloud Server
8.1
CVSSv3
CVE-2016-9463
Nextcloud Server prior to 9.0.54 and 10.0.1 & ownCloud Server prior to 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enabled SMB authentication component that allows authenticating users against a...
Owncloud Owncloud
Nextcloud Nextcloud Server
4.3
CVSSv3
CVE-2016-9462
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying whether a user has only read-only access to a share. Thus a user with read-onl...
Owncloud Owncloud
Nextcloud Nextcloud Server
5.4
CVSSv3
CVE-2016-9465
Nextcloud Server prior to 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from Stored XSS in CardDAV image export. The CardDAV image export functionality as implemented in Nextcloud/ownCloud allows the download of images stored within a vCard. Due to not performing a...
Owncloud Owncloud
Nextcloud Nextcloud Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »