ownCloud Server prior to 7.0.8, 8.0.x prior to 8.0.6, and 8.1.x prior to 8.1.1 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to apps/calendar/export.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
owncloud owncloud 7.0.6 |
||
owncloud owncloud 7.0.7 |
||
owncloud owncloud 7.0.4 |
||
owncloud owncloud 7.0.5 |
||
owncloud owncloud 8.0.5 |
||
owncloud owncloud 8.1.0 |
||
owncloud owncloud 7.0.2 |
||
owncloud owncloud 7.0.3 |
||
owncloud owncloud 8.0.3 |
||
owncloud owncloud 8.0.4 |
||
owncloud owncloud 7.0.0 |
||
owncloud owncloud 7.0.1 |
||
owncloud owncloud 8.0.0 |
||
owncloud owncloud 8.0.2 |