Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-0302
Unspecified vulnerability in ownCloud Server prior to 4.0.12 allows remote malicious users to obtain sensitive information via unspecified vectors related to "inclusion of the Amazon SDK testing suite." NOTE: due to lack of details, it is not clear whether the issue exi...
Owncloud Owncloud
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.10
4
CVSSv2
CVE-2015-5954
The virtual filesystem in ownCloud Server prior to 6.0.9, 7.0.x prior to 7.0.7, and 8.0.x prior to 8.0.5 does not consider that NULL is a valid getPath return value, which allows remote authenticated users to bypass intended access restrictions and gain access to users files via ...
Owncloud Owncloud 7.0.4
Owncloud Owncloud 7.0.1
Owncloud Owncloud 7.0.2
Owncloud Owncloud 8.0.3
Owncloud Owncloud 8.0.4
Owncloud Owncloud 7.0.3
Owncloud Owncloud 7.0.5
Owncloud Owncloud 7.0.6
Owncloud Owncloud 7.0.0
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.0.0
Owncloud Owncloud
4
CVSSv2
CVE-2012-4390
(1) apps/calendar/appinfo/remote.php and (2) apps/contacts/appinfo/remote.php in ownCloud prior to 4.0.7 allows remote authenticated users to enumerate the registered users via unspecified vectors.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
6.8
CVSSv2
CVE-2012-4389
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud prior to 4.0.7 allows remote malicious users to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
6.8
CVSSv2
CVE-2012-4391
Cross-site request forgery (CSRF) vulnerability in core/ajax/appconfig.php in ownCloud prior to 4.0.7 allows remote malicious users to hijack the authentication of administrators for requests that edit the app configurations.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
9
CVSSv2
CVE-2015-4718
The external SMB storage driver in ownCloud Server prior to 6.0.8, 7.0.x prior to 7.0.6, and 8.0.x prior to 8.0.4 allows remote authenticated users to execute arbitrary SMB commands via a ; (semicolon) character in a file.
Owncloud Owncloud 7.0.4
Owncloud Owncloud 7.0.1
Owncloud Owncloud 7.0.2
Owncloud Owncloud 8.0.3
Owncloud Owncloud
Owncloud Owncloud 7.0.3
Owncloud Owncloud 7.0.5
Owncloud Owncloud 7.0.0
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.0.0
5
CVSSv2
CVE-2012-4752
appconfig.php in ownCloud prior to 4.0.6 does not properly restrict access, which allows remote authenticated users to edit app configurations via unspecified vectors. NOTE: this can be leveraged by unauthenticated remote attackers using CVE-2012-4393.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
6.8
CVSSv2
CVE-2012-4393
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud prior to 4.0.6 allow remote malicious users to hijack the authentication of arbitrary users for requests that use (1) addBookmark.php, (2) delBookmark.php, or (3) editBookmark.php in bookmarks/ajax/; (4) calen...
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
7.8
CVSSv2
CVE-2015-4717
The filename sanitization component in ownCloud Server prior to 6.0.8, 7.0.x prior to 7.0.6, and 8.0.x prior to 8.0.4 does not properly handle $_GET parameters cast by PHP to an array, which allows remote malicious users to cause a denial of service (infinite loop and log file co...
Owncloud Owncloud 7.0.4
Owncloud Owncloud 7.0.1
Owncloud Owncloud 7.0.2
Owncloud Owncloud 8.0.3
Owncloud Owncloud
Owncloud Owncloud 7.0.3
Owncloud Owncloud 7.0.5
Owncloud Owncloud 7.0.0
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.0.0
4.3
CVSSv2
CVE-2012-4394
Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js in ownCloud prior to 4.0.5 allows remote malicious users to inject arbitrary web script or HTML via the file parameter.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »