Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 6.0.2 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2014-2052
Zend Framework, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Owncloud Owncloud
668
VMScore
CVE-2014-2051
ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2 allows remote malicious users to conduct an LDAP injection attack via unspecified vectors, as demonstrated using a "login query."
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.1
Owncloud Owncloud
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.8
668
VMScore
CVE-2014-2056
PHPDocX, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Owncloud Owncloud 5.0.13
Owncloud Owncloud
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.8
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Phpdocx Phpdocx -
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.1
668
VMScore
CVE-2014-2053
getID3() prior to 1.9.8, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Getid3 Getid3 1.9.1
Getid3 Getid3 1.9.0
Owncloud Owncloud 5.0.14
Owncloud Owncloud
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.9
Getid3 Getid3 1.9.3
Getid3 Getid3 1.9.2
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.8
Getid3 Getid3
Getid3 Getid3 1.9.6
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Getid3 Getid3 1.9.5
Getid3 Getid3 1.9.4
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.11
668
VMScore
CVE-2014-2054
PHPExcel prior to 1.8.0, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, does not disable external entity loading in libxml, which allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML Exter...
Owncloud Owncloud 6.0.0
Phpexcel Project Phpexcel
Owncloud Owncloud 6.0.1
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.13
Owncloud Owncloud
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.8
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
668
VMScore
CVE-2014-2055
SabreDAV prior to 1.7.11, as used in ownCloud Server prior to 5.0.15 and 6.0.x prior to 6.0.2, allows remote malicious users to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Fruux Sabredav 1.6.3
Fruux Sabredav 1.6.5
Fruux Sabredav 1.7.2
Fruux Sabredav 1.7.4
Fruux Sabredav 1.8.0
Fruux Sabredav 1.8.2
Fruux Sabredav
Owncloud Owncloud 6.0.0
Fruux Sabredav 1.6.0
Fruux Sabredav 1.6.1
Fruux Sabredav 1.6.10
Fruux Sabredav 1.7.5
Fruux Sabredav 1.7.6
Fruux Sabredav 1.7.7
Fruux Sabredav 1.7.8
Owncloud Owncloud 6.0.1
Fruux Sabredav 1.6.6
Fruux Sabredav 1.6.7
Fruux Sabredav 1.6.8
Fruux Sabredav 1.6.9
Fruux Sabredav 1.7.0
Fruux Sabredav 1.8.4
605
VMScore
CVE-2014-9041
The import functionality in the bookmarks application in ownCloud server prior to 5.0.18, 6.x prior to 6.0.6, and 7.x prior to 7.0.3 does not validate CSRF tokens, which allow remote malicious users to conduct CSRF attacks.
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.14
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.3
Owncloud Owncloud 6.0.4
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.16
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud 7.0.0
Owncloud Owncloud 7.0.2
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.15
605
VMScore
CVE-2014-4929
Directory traversal vulnerability in the routing component in ownCloud Server prior to 5.0.17 and 6.0.x prior to 6.0.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in a filename, related to index.php.
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.1
Owncloud Owncloud 6.0.3
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.15
Owncloud Owncloud
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.8
Owncloud Owncloud 5.0.9
605
VMScore
CVE-2014-2047
Session fixation vulnerability in ownCloud prior to 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote malicious users to hijack web sessions via unspecified vectors.
Owncloud Owncloud
Owncloud Owncloud 6.0.0
490
VMScore
CVE-2014-3835
ownCloud Server prior to 5.0.16 and 6.0.x prior to 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vectors.
Owncloud Owncloud 6.0.0
Owncloud Owncloud 6.0.2
Owncloud Owncloud 6.0.1
Owncloud Owncloud 5.0.2
Owncloud Owncloud 5.0.3
Owncloud Owncloud 5.0.4
Owncloud Owncloud 5.0.5
Owncloud Owncloud 5.0.6
Owncloud Owncloud 5.0.1
Owncloud Owncloud 5.0.10
Owncloud Owncloud 5.0.11
Owncloud Owncloud 5.0.12
Owncloud Owncloud 5.0.0
Owncloud Owncloud 5.0.13
Owncloud Owncloud 5.0.14
Owncloud Owncloud 5.0.7
Owncloud Owncloud 5.0.9
Owncloud Owncloud
Owncloud Owncloud 5.0.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »