ownCloud 4.0.x prior to 4.0.10 and 4.5.x prior to 4.5.5 does not properly restrict access to settings.php, which allows remote malicious users to edit app configurations of user_webdavauth and user_ldap by editing this file.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
owncloud owncloud 4.0.4 |
||
owncloud owncloud 4.0.5 |
||
owncloud owncloud 4.0.6 |
||
owncloud owncloud 4.0.7 |
||
owncloud owncloud 4.0.9 |
||
owncloud owncloud 4.0.1 |
||
owncloud owncloud 4.0.8 |
||
owncloud owncloud 4.0.0 |
||
owncloud owncloud 4.0.2 |
||
owncloud owncloud 4.0.3 |
||
owncloud owncloud 4.5.2 |
||
owncloud owncloud 4.5.1 |
||
owncloud owncloud 4.5.4 |
||
owncloud owncloud 4.5.3 |
||
owncloud owncloud 4.5.0 |
Vulmon