Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 6.0.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-2052
Zend Framework, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Owncloud Owncloud
7.5
CVSSv2
CVE-2014-2051
ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2 allows remote malicious users to conduct an LDAP injection attack via unspecified vectors, as demonstrated using a "login query."
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.1
Owncloud Owncloud
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.8
7.5
CVSSv2
CVE-2014-2053
getID3() prior to 1.9.8, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Getid3 Getid3 1.9.1
Getid3 Getid3 1.9.0
Owncloud Owncloud 5.0.14
Owncloud Owncloud
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.9
Getid3 Getid3 1.9.3
Getid3 Getid3 1.9.2
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.8
Getid3 Getid3
Getid3 Getid3 1.9.6
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Getid3 Getid3 1.9.5
Getid3 Getid3 1.9.4
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.11
7.5
CVSSv2
CVE-2014-2054
PHPExcel prior to 1.8.0, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, does not disable external entity loading in libxml, which allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML Exter...
Owncloud Owncloud 6.0.0
Phpexcel Project Phpexcel
Owncloud Owncloud 6.0.1
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.13
Owncloud Owncloud
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.8
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
7.5
CVSSv2
CVE-2014-2055
SabreDAV prior to 1.7.11, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Fruux Sabredav 1.6.3
Fruux Sabredav 1.6.5
Fruux Sabredav 1.7.2
Fruux Sabredav 1.7.4
Fruux Sabredav 1.8.0
Fruux Sabredav 1.8.2
Fruux Sabredav
Owncloud Owncloud 6.0.0
Fruux Sabredav 1.6.0
Fruux Sabredav 1.6.1
Fruux Sabredav 1.6.10
Fruux Sabredav 1.7.5
Fruux Sabredav 1.7.6
Fruux Sabredav 1.7.7
Fruux Sabredav 1.7.8
Owncloud Owncloud 6.0.1
Fruux Sabredav 1.6.6
Fruux Sabredav 1.6.7
Fruux Sabredav 1.6.8
Fruux Sabredav 1.6.9
Fruux Sabredav 1.7.0
Fruux Sabredav 1.8.4
7.5
CVSSv2
CVE-2014-2056
PHPDocX, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Owncloud Owncloud 5.0.13
Owncloud Owncloud
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.8
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Phpdocx Phpdocx -
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.1
6.8
CVSSv2
CVE-2014-9041
The import functionality in the bookmarks application in ownCloud server prior to 5.0.18, 6.x prior to 6.0.6, and 7.x prior to 7.0.3 does not validate CSRF tokens, which allow remote malicious users to conduct CSRF attacks.
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.14
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.3
Owncloud Owncloud 6.0.4
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.16
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud 7.0.0
Owncloud Owncloud 7.0.2
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.15
6.8
CVSSv2
CVE-2014-4929
Directory traversal vulnerability in the routing component in ownCloud Server prior to 5.0.17 and 6.0.x prior to 6.0.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in a filename, related to index.php.
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.3
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.15
Owncloud Owncloud
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.8
Owncloud Owncloud 5.0.9
6.8
CVSSv2
CVE-2014-2047
Session fixation vulnerability in ownCloud prior to 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote malicious users to hijack web sessions via unspecified vectors.
Owncloud Owncloud
Owncloud Owncloud 6.0.0
5.5
CVSSv2
CVE-2014-3835
ownCloud Server prior to 5.0.16 and 6.0.x prior to 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vectors.
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.1
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud
Owncloud Owncloud 5.0.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »