Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 4.5.6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-0300
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud 4.5.x prior to 4.5.7 allow remote malicious users to hijack the authentication of users for requests that (1) change the default view via the v parameter to apps/calendar/ajax/changeview.php, mount arbitrary (...
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.6
NA
CVE-2013-0298
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x prior to 4.5.7 allow remote malicious users to inject arbitrary web script or HTML via (1) a crafted iCalendar file to the calendar application, the (2) dir or (3) file parameter to apps/files_pdfviewer/viewer....
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.0
NA
CVE-2013-1822
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x prior to 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the (1) quota parameter to /core/settings/ajax/setquota.php, or remote authenticated user...
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
NA
CVE-2013-1963
The contacts application in ownCloud prior to 4.5.10 and 5.x prior to 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.0
NA
CVE-2013-2043
apps/calendar/ajax/events.php in ownCloud prior to 4.5.11 and 5.x prior to 5.0.6 does not properly check the ownership of a calendar, which allows remote authenticated users to download arbitrary calendars via the calendar_id parameter.
Owncloud Owncloud 4.5.0
Owncloud Owncloud 5.0.0
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.9
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.1
Owncloud Owncloud
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.5
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.6
NA
CVE-2013-2046
SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x prior to 4.5.11 and 5.x prior to 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.8
Owncloud Owncloud 4.5.9
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.10
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.2
NA
CVE-2013-0297
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.7 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) site_name or (2) site_url parameter to apps/external/ajax/setsites.php.
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 3.0.0
Owncloud Owncloud
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.8
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 3.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.4
NA
CVE-2013-0299
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.7 allow remote malicious users to hijack the authentication of users for requests that (1) change the timezone for the user via the lat and lng parameters to apps/calenda...
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.9
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.1
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.5
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.1
Owncloud Owncloud
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
NA
CVE-2013-0307
Cross-site scripting (XSS) vulnerability in settings.php in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.7 allows remote administrators to inject arbitrary web script or HTML via the group input field parameter.
Owncloud Owncloud 3.0.0
Owncloud Owncloud
Owncloud Owncloud 4.0.3
Owncloud Owncloud 3.0.2
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.8
Owncloud Owncloud 3.0.1
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
NA
CVE-2013-1850
Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud prior to 4.0.13 and 4.5.x prior to 4.5.8 allow remote authenticated users to execute arbitrary PHP code by uploading a .htaccess file.
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.7
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.11
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.10
Owncloud Owncloud 3.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »